[v2] qga-win: Free GMatchInfo properly

Message ID 20210610155811.3313927-1-konstantin@daynix.com (mailing list archive)
State New, archived

Commit Message

Konstantin Kostiuk June 10, 2021, 3:58 p.m. UTC
The g_regex_match function creates match_info even if it
returns FALSE. So we should always call g_match_info_free.
A better solution is using g_autoptr for match_info variable.

Signed-off-by: Kostiantyn Kostiuk <konstantin@daynix.com>
---
 qga/commands-win32.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

Comments

Daniel P. Berrangé June 10, 2021, 4:02 p.m. UTC | #1
On Thu, Jun 10, 2021 at 06:58:11PM +0300, Kostiantyn Kostiuk wrote:
> The g_regex_match function creates match_info even if it
> returns FALSE. So we should always call g_match_info_free.
> A better solution is using g_autoptr for match_info variable.
> 
> Signed-off-by: Kostiantyn Kostiuk <konstantin@daynix.com>
> ---
>  qga/commands-win32.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/qga/commands-win32.c b/qga/commands-win32.c
> index 300b87c859..785a5cc6b2 100644
> --- a/qga/commands-win32.c
> +++ b/qga/commands-win32.c
> @@ -2494,7 +2494,7 @@ GuestDeviceInfoList *qmp_guest_get_devices(Error **errp)
>              continue;
>          }
>          for (j = 0; hw_ids[j] != NULL; j++) {
> -            GMatchInfo *match_info;
> +            g_autoptr(GMatchInfo) match_info;

This should be initialized to NULL otherwise...

>              GuestDeviceIdPCI *id;
>              if (!g_regex_match(device_pci_re, hw_ids[j], 0, &match_info)) {
>                  continue;

this continue will trigger freeing of uninitialized memory

Essentially all g_auto* variables should be init to NULL
at all times, even if it currently looks harmless.

> @@ -2511,7 +2511,6 @@ GuestDeviceInfoList *qmp_guest_get_devices(Error **errp)
>              id->vendor_id = g_ascii_strtoull(vendor_id, NULL, 16);
>              id->device_id = g_ascii_strtoull(device_id, NULL, 16);
>  
> -            g_match_info_free(match_info);
>              break;
>          }
>          if (skip) {

Regards,
Daniel
Philippe Mathieu-Daudé June 10, 2021, 4:04 p.m. UTC | #2
On 6/10/21 5:58 PM, Kostiantyn Kostiuk wrote:
> The g_regex_match function creates match_info even if it
> returns FALSE. So we should always call g_match_info_free.
> A better solution is using g_autoptr for match_info variable.
> 
> Signed-off-by: Kostiantyn Kostiuk <konstantin@daynix.com>
> ---
>  qga/commands-win32.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Konstantin Kostiuk June 10, 2021, 4:08 p.m. UTC | #3
On Thu, Jun 10, 2021 at 7:02 PM Daniel P. Berrangé <berrange@redhat.com>
wrote:

> On Thu, Jun 10, 2021 at 06:58:11PM +0300, Kostiantyn Kostiuk wrote:
> > The g_regex_match function creates match_info even if it
> > returns FALSE. So we should always call g_match_info_free.
> > A better solution is using g_autoptr for match_info variable.
> >
> > Signed-off-by: Kostiantyn Kostiuk <konstantin@daynix.com>
> > ---
> >  qga/commands-win32.c | 3 +--
> >  1 file changed, 1 insertion(+), 2 deletions(-)
> >
> > diff --git a/qga/commands-win32.c b/qga/commands-win32.c
> > index 300b87c859..785a5cc6b2 100644
> > --- a/qga/commands-win32.c
> > +++ b/qga/commands-win32.c
> > @@ -2494,7 +2494,7 @@ GuestDeviceInfoList *qmp_guest_get_devices(Error
> **errp)
> >              continue;
> >          }
> >          for (j = 0; hw_ids[j] != NULL; j++) {
> > -            GMatchInfo *match_info;
> > +            g_autoptr(GMatchInfo) match_info;
>
> This should be initialized to NULL otherwise...
>
> >              GuestDeviceIdPCI *id;
> >              if (!g_regex_match(device_pci_re, hw_ids[j], 0,
> &match_info)) {
> >                  continue;
>
> this continue will trigger freeing of uninitialized memory
>

But we always call match_info, so match_info is always initialized.
The g_regex_match function creates match_info even if it returns FALSE.


>
> Essentially all g_auto* variables should be init to NULL
> at all times, even if it currently looks harmless.
>
> > @@ -2511,7 +2511,6 @@ GuestDeviceInfoList *qmp_guest_get_devices(Error
> **errp)
> >              id->vendor_id = g_ascii_strtoull(vendor_id, NULL, 16);
> >              id->device_id = g_ascii_strtoull(device_id, NULL, 16);
> >
> > -            g_match_info_free(match_info);
> >              break;
> >          }
> >          if (skip) {
>
> Regards,
> Daniel

Best wishes,
Kostiantyn Kostiuk
Daniel P. Berrangé June 10, 2021, 4:14 p.m. UTC | #4
On Thu, Jun 10, 2021 at 07:08:36PM +0300, Konstantin Kostiuk wrote:
> On Thu, Jun 10, 2021 at 7:02 PM Daniel P. Berrangé <berrange@redhat.com>
> wrote:
> 
> > On Thu, Jun 10, 2021 at 06:58:11PM +0300, Kostiantyn Kostiuk wrote:
> > > The g_regex_match function creates match_info even if it
> > > returns FALSE. So we should always call g_match_info_free.
> > > A better solution is using g_autoptr for match_info variable.
> > >
> > > Signed-off-by: Kostiantyn Kostiuk <konstantin@daynix.com>
> > > ---
> > >  qga/commands-win32.c | 3 +--
> > >  1 file changed, 1 insertion(+), 2 deletions(-)
> > >
> > > diff --git a/qga/commands-win32.c b/qga/commands-win32.c
> > > index 300b87c859..785a5cc6b2 100644
> > > --- a/qga/commands-win32.c
> > > +++ b/qga/commands-win32.c
> > > @@ -2494,7 +2494,7 @@ GuestDeviceInfoList *qmp_guest_get_devices(Error
> > **errp)
> > >              continue;
> > >          }
> > >          for (j = 0; hw_ids[j] != NULL; j++) {
> > > -            GMatchInfo *match_info;
> > > +            g_autoptr(GMatchInfo) match_info;
> >
> > This should be initialized to NULL otherwise...
> >
> > >              GuestDeviceIdPCI *id;
> > >              if (!g_regex_match(device_pci_re, hw_ids[j], 0,
> > &match_info)) {
> > >                  continue;
> >
> > this continue will trigger freeing of uninitialized memory
> >
> 
> But we always call match_info, so match_info is always initialized.
> The g_regex_match function creates match_info even if it returns FALSE.

Oops, yes, you are right.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>


Regards,
Daniel
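
An added illustration of the leak discussed in this thread and of how scope-exit cleanup closes it; it is not QEMU or GLib code. `toy_match`, `MatchInfo`, the fixed pool (used so unreleased objects can be counted without a real heap leak) and the sample IDs are hypothetical stand-ins, and the raw `__attribute__((cleanup))` is the GCC/Clang feature that `g_autoptr` is built on; the `= NULL` initializer is the defensive default raised in review.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for GMatchInfo, served from a fixed pool. */
typedef struct { int unused; } MatchInfo;
static MatchInfo pool[16];
static int live_infos;              /* handed out and not yet freed */

/* Like g_regex_match per the commit message: *out is set even on no match. */
static int toy_match(const char *s, MatchInfo **out) {
    if (live_infos == 16) abort();  /* pool exhausted by leaked objects */
    *out = &pool[live_infos++];
    return strncmp(s, "PCI\\VEN_", 8) == 0;
}

static void match_info_free(MatchInfo *mi) { if (mi) live_infos--; }
/* Scope-exit handler, the mechanism g_autoptr is built on (GCC/Clang). */
static void match_info_cleanup(MatchInfo **p) { match_info_free(*p); }

/* Pre-patch shape: freed only on the matching path. Returns objects leaked. */
static int scan_manual(const char *const *ids) {
    live_infos = 0;
    for (int j = 0; ids[j] != NULL; j++) {
        MatchInfo *mi;
        if (!toy_match(ids[j], &mi)) continue;   /* mi is never freed */
        match_info_free(mi);
        break;
    }
    return live_infos;
}

/* Post-patch shape: the handler runs on both continue and break. */
static int scan_auto(const char *const *ids) {
    live_infos = 0;
    for (int j = 0; ids[j] != NULL; j++) {
        __attribute__((cleanup(match_info_cleanup))) MatchInfo *mi = NULL;
        if (!toy_match(ids[j], &mi)) continue;
        break;
    }
    return live_infos;
}

/* Constructed sample hardware IDs: two non-PCI entries, then a PCI one. */
static const char *const sample_ids[] = { "USB\\VID_1234", "ACPI\\PNP0303", "PCI\\VEN_1AF4", NULL };

int main(void) {
    printf("leaked: manual=%d auto=%d\n", scan_manual(sample_ids), scan_auto(sample_ids));
    return 0;
}
```
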
Konstantin Kostiuk July 14, 2021, 7:26 a.m. UTC | #5
CC Michael Roth

On Thu, Jun 10, 2021 at 7:14 PM Daniel P. Berrangé <berrange@redhat.com>
wrote:

> On Thu, Jun 10, 2021 at 07:08:36PM +0300, Konstantin Kostiuk wrote:
> > On Thu, Jun 10, 2021 at 7:02 PM Daniel P. Berrangé <berrange@redhat.com>
> > wrote:
> >
> > > On Thu, Jun 10, 2021 at 06:58:11PM +0300, Kostiantyn Kostiuk wrote:
> > > > The g_regex_match function creates match_info even if it
> > > > returns FALSE. So we should always call g_match_info_free.
> > > > A better solution is using g_autoptr for match_info variable.
> > > >
> > > > Signed-off-by: Kostiantyn Kostiuk <konstantin@daynix.com>
> > > > ---
> > > >  qga/commands-win32.c | 3 +--
> > > >  1 file changed, 1 insertion(+), 2 deletions(-)
> > > >
> > > > diff --git a/qga/commands-win32.c b/qga/commands-win32.c
> > > > index 300b87c859..785a5cc6b2 100644
> > > > --- a/qga/commands-win32.c
> > > > +++ b/qga/commands-win32.c
> > > > @@ -2494,7 +2494,7 @@ GuestDeviceInfoList
> *qmp_guest_get_devices(Error
> > > **errp)
> > > >              continue;
> > > >          }
> > > >          for (j = 0; hw_ids[j] != NULL; j++) {
> > > > -            GMatchInfo *match_info;
> > > > +            g_autoptr(GMatchInfo) match_info;
> > >
> > > This should be initialized to NULL otherwise...
> > >
> > > >              GuestDeviceIdPCI *id;
> > > >              if (!g_regex_match(device_pci_re, hw_ids[j], 0,
> > > &match_info)) {
> > > >                  continue;
> > >
> > > this continue will trigger freeing of uninitialized memory
> > >
> >
> > But we always call match_info, so match_info is always initialized.
> > The g_regex_match function creates match_info even if it returns FALSE.
>
> Oops, yes, you are right.
>
> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
>
>
> Regards,
> Daniel
Konstantin Kostiuk July 28, 2021, 7:54 a.m. UTC | #6
ping

On Wed, Jul 14, 2021 at 10:26 AM Konstantin Kostiuk <konstantin@daynix.com>
wrote:

> CC Michael Roth
>
> On Thu, Jun 10, 2021 at 7:14 PM Daniel P. Berrangé <berrange@redhat.com>
> wrote:
>
>> On Thu, Jun 10, 2021 at 07:08:36PM +0300, Konstantin Kostiuk wrote:
>> > On Thu, Jun 10, 2021 at 7:02 PM Daniel P. Berrangé <berrange@redhat.com
>> >
>> > wrote:
>> >
>> > > On Thu, Jun 10, 2021 at 06:58:11PM +0300, Kostiantyn Kostiuk wrote:
>> > > > The g_regex_match function creates match_info even if it
>> > > > returns FALSE. So we should always call g_match_info_free.
>> > > > A better solution is using g_autoptr for match_info variable.
>> > > >
>> > > > Signed-off-by: Kostiantyn Kostiuk <konstantin@daynix.com>
>> > > > ---
>> > > >  qga/commands-win32.c | 3 +--
>> > > >  1 file changed, 1 insertion(+), 2 deletions(-)
>> > > >
>> > > > diff --git a/qga/commands-win32.c b/qga/commands-win32.c
>> > > > index 300b87c859..785a5cc6b2 100644
>> > > > --- a/qga/commands-win32.c
>> > > > +++ b/qga/commands-win32.c
>> > > > @@ -2494,7 +2494,7 @@ GuestDeviceInfoList
>> *qmp_guest_get_devices(Error
>> > > **errp)
>> > > >              continue;
>> > > >          }
>> > > >          for (j = 0; hw_ids[j] != NULL; j++) {
>> > > > -            GMatchInfo *match_info;
>> > > > +            g_autoptr(GMatchInfo) match_info;
>> > >
>> > > This should be initialized to NULL otherwise...
>> > >
>> > > >              GuestDeviceIdPCI *id;
>> > > >              if (!g_regex_match(device_pci_re, hw_ids[j], 0,
>> > > &match_info)) {
>> > > >                  continue;
>> > >
>> > > this continue will trigger freeing of uninitialized memory
>> > >
>> >
>> > But we always call match_info, so match_info is always initialized.
>> > The g_regex_match function creates match_info even if it returns FALSE.
>>
>> Oops, yes, you are right.
>>
>> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
>>
>>
>> Regards,
>> Daniel
Philippe Mathieu-Daudé July 28, 2021, 11:58 a.m. UTC | #7
Still candidate for 6.1.

On 7/28/21 9:54 AM, Konstantin Kostiuk wrote:
> ping
> 
> On Wed, Jul 14, 2021 at 10:26 AM Konstantin Kostiuk
> <konstantin@daynix.com> wrote:
> 
>     CC Michael Roth
> 
>     On Thu, Jun 10, 2021 at 7:14 PM Daniel P. Berrangé
>     <berrange@redhat.com> wrote:
> 
>         On Thu, Jun 10, 2021 at 07:08:36PM +0300, Konstantin Kostiuk wrote:
>         > On Thu, Jun 10, 2021 at 7:02 PM Daniel P. Berrangé
>         <berrange@redhat.com>
>         > wrote:
>         >
>         > > On Thu, Jun 10, 2021 at 06:58:11PM +0300, Kostiantyn Kostiuk
>         wrote:
>         > > > The g_regex_match function creates match_info even if it
>         > > > returns FALSE. So we should always call g_match_info_free.
>         > > > A better solution is using g_autoptr for match_info variable.
>         > > >
>         > > > Signed-off-by: Kostiantyn Kostiuk <konstantin@daynix.com>
>         > > > ---
>         > > >  qga/commands-win32.c | 3 +--
>         > > >  1 file changed, 1 insertion(+), 2 deletions(-)
>         > > >
>         > > > diff --git a/qga/commands-win32.c b/qga/commands-win32.c
>         > > > index 300b87c859..785a5cc6b2 100644
>         > > > --- a/qga/commands-win32.c
>         > > > +++ b/qga/commands-win32.c
>         > > > @@ -2494,7 +2494,7 @@ GuestDeviceInfoList
>         *qmp_guest_get_devices(Error
>         > > **errp)
>         > > >              continue;
>         > > >          }
>         > > >          for (j = 0; hw_ids[j] != NULL; j++) {
>         > > > -            GMatchInfo *match_info;
>         > > > +            g_autoptr(GMatchInfo) match_info;
>         > >
>         > > This should be initialized to NULL otherwise...
>         > >
>         > > >              GuestDeviceIdPCI *id;
>         > > >              if (!g_regex_match(device_pci_re, hw_ids[j], 0,
>         > > &match_info)) {
>         > > >                  continue;
>         > >
>         > > this continue will trigger freeing of uninitialized memory
>         > >
>         >
>         > But we always call match_info, so match_info is always
>         initialized.
>         > The g_regex_match function creates match_info even if it
>         returns FALSE.
> 
>         Oops, yes, you are right.
> 
>         Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
> 
> 
>         Regards,
>         Daniel

Patch

diff --git a/qga/commands-win32.c b/qga/commands-win32.c
index 300b87c859..785a5cc6b2 100644
--- a/qga/commands-win32.c
+++ b/qga/commands-win32.c
@@ -2494,7 +2494,7 @@  GuestDeviceInfoList *qmp_guest_get_devices(Error **errp)
             continue;
         }
         for (j = 0; hw_ids[j] != NULL; j++) {
-            GMatchInfo *match_info;
+            g_autoptr(GMatchInfo) match_info;
             GuestDeviceIdPCI *id;
             if (!g_regex_match(device_pci_re, hw_ids[j], 0, &match_info)) {
                 continue;
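Review bot: the added declaration `g_autoptr(GMatchInfo) match_info;` has no initializer, so the cleanup that runs at the `continue` is safe only because `g_regex_match(..., &match_info)` has already stored a pointer through `&match_info` by then. Writing `g_autoptr(GMatchInfo) match_info = NULL;` costs nothing and keeps the scope safe if a later change puts an early `continue` or `break` between the declaration and the call, which is easy to do here since `GuestDeviceIdPCI *id;` already sits between them.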
@@ -2511,7 +2511,6 @@  GuestDeviceInfoList *qmp_guest_get_devices(Error **errp)
             id->vendor_id = g_ascii_strtoull(vendor_id, NULL, 16);
             id->device_id = g_ascii_strtoull(device_id, NULL, 16);
 
-            g_match_info_free(match_info);
             break;
         }
         if (skip) {
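Review bot: dropping `g_match_info_free(match_info);` before `break` is correct only together with the `g_autoptr(GMatchInfo)` declaration in the first hunk; this hunk applied alone leaks on the matching path too, and the first hunk applied without it frees the object twice. The commit message should say that the two changes are a unit and name the `continue` path as the one that leaked, so a backport does not pick up half of the fix.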