diff mbox series

[XENSTORE,v1,04/10] xenstore_client: handle memory on error

Message ID 20210226144144.9252-5-nmanthey@amazon.de (mailing list archive)
State New
Headers show
Series Code analysis fixes | expand

Commit Message

Norbert Manthey Feb. 26, 2021, 2:41 p.m. UTC
In case a command fails, also free the memory. As this is for the CLI
client, currently the leaked memory is freed right after receiving the
error, as the application terminates next.

Similarly, if the allocation fails, do not use the NULL pointer
afterwards, but instead error out.

This bug was discovered and resolved using Coverity Static Analysis
Security Testing (SAST) by Synopsys, Inc.

Signed-off-by: Norbert Manthey <nmanthey@amazon.de>
Reviewed-by: Thomas Friebel <friebelt@amazon.de>
Reviewed-by: Julien Grall <jgrall@amazon.co.uk>

---
 tools/xenstore/xenstore_client.c | 3 +++
 1 file changed, 3 insertions(+)

Comments

Juergen Gross March 2, 2021, 5:08 a.m. UTC | #1
On 26.02.21 15:41, Norbert Manthey wrote:
> In case a command fails, also free the memory. As this is for the CLI
> client, currently the leaked memory is freed right after receiving the
> error, as the application terminates next.
> 
> Similarly, if the allocation fails, do not use the NULL pointer
> afterwards, but instead error out.
> 
> This bug was discovered and resolved using Coverity Static Analysis
> Security Testing (SAST) by Synopsys, Inc.
> 
> Signed-off-by: Norbert Manthey <nmanthey@amazon.de>
> Reviewed-by: Thomas Friebel <friebelt@amazon.de>
> Reviewed-by: Julien Grall <jgrall@amazon.co.uk>

Reviewed-by: Juergen Gross <jgross@suse.com>


Juergen
Ian Jackson March 3, 2021, 4:10 p.m. UTC | #2
Norbert Manthey writes ("[PATCH XENSTORE v1 04/10] xenstore_client: handle memory on error"):
> In case a command fails, also free the memory. As this is for the CLI
> client, currently the leaked memory is freed right after receiving the
> error, as the application terminates next.
> 
> Similarly, if the allocation fails, do not use the NULL pointer
> afterwards, but instead error out.

I think this is not for 4.15.

Thanks,
Ian.
diff mbox series

Patch

diff --git a/tools/xenstore/xenstore_client.c b/tools/xenstore/xenstore_client.c
--- a/tools/xenstore/xenstore_client.c
+++ b/tools/xenstore/xenstore_client.c
@@ -382,11 +382,14 @@  perform(enum mode mode, int optind, int argc, char **argv, struct xs_handle *xsh
                 /* Copy path, because we can't modify argv because we will need it
                    again if xs_transaction_end gives us EAGAIN. */
                 char *p = malloc(strlen(path) + 1);
+                if (!p)
+                    return 1;
                 strcpy(p, path);
                 path = p;
 
             again:
                 if (do_rm(path, xsh, xth)) {
+                    free(path);
                     return 1;
                 }