[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v10 06/19] multi-process: define MPQemuMsg format and transmi
From: |
Stefan Hajnoczi |
Subject: |
Re: [PATCH v10 06/19] multi-process: define MPQemuMsg format and transmission functions |
Date: |
Wed, 7 Oct 2020 15:22:28 +0100 |
On Mon, Oct 05, 2020 at 11:50:54AM -0700, elena.ufimtseva@oracle.com wrote:
> +void mpqemu_msg_recv(MPQemuMsg *msg, QIOChannel *ioc, Error **errp)
> +{
> + Error *local_err = NULL;
> + int *fds = NULL;
> + size_t nfds = 0;
> + ssize_t len;
> +
> + len = mpqemu_read(ioc, (void *)msg, MPQEMU_MSG_HDR_SIZE, &fds, &nfds,
> + &local_err);
> + if (!local_err) {
> + if (len == -EIO) {
> + error_setg(&local_err, "Connection closed.");
> + goto fail;
> + }
> + if (len < 0) {
> + error_setg(&local_err, "Message length is less than 0");
> + goto fail;
> + }
> + if (len != MPQEMU_MSG_HDR_SIZE) {
> + error_setg(&local_err, "Message header corrupted");
> + goto fail;
> + }
> + } else {
> + goto fail;
> + }
> +
> + if (msg->size > sizeof(msg->data)) {
> + error_setg(&local_err, "Invalid size for message");
> + goto fail;
> + }
> +
> + if (mpqemu_read(ioc, (void *)&msg->data, msg->size, NULL, NULL,
> + &local_err) < 0) {
> + goto fail;
> + }
> +
> + msg->num_fds = nfds;
> + if (nfds) {
> + memcpy(msg->fds, fds, nfds * sizeof(int));
msg->fds buffer overflow if nfds > G_N_ELEMENTS(msg->fds).
> + }
> +
> +fail:
The fd[] array is leaked.
The file descriptors themselves are leaked on error, too.
signature.asc
Description: PGP signature
- [PATCH v10 00/19] Initial support for multi-process Qemu, elena . ufimtseva, 2020/10/05
- [PATCH v10 06/19] multi-process: define MPQemuMsg format and transmission functions, elena . ufimtseva, 2020/10/05
- Re: [PATCH v10 06/19] multi-process: define MPQemuMsg format and transmission functions,
Stefan Hajnoczi <=
- [PATCH v10 02/19] multi-process: Add config option for multi-process QEMU, elena . ufimtseva, 2020/10/05
- [PATCH v10 01/19] memory: alloc RAM from file at offset, elena . ufimtseva, 2020/10/05
- [PATCH v10 07/19] multi-process: Initialize message handler in remote device, elena . ufimtseva, 2020/10/05
- [PATCH v10 03/19] multi-process: setup PCI host bridge for remote device, elena . ufimtseva, 2020/10/05
- [PATCH v10 05/19] multi-process: add qio channel function to transmit, elena . ufimtseva, 2020/10/05
- [PATCH v10 08/19] multi-process: Associate fd of a PCIDevice with its object, elena . ufimtseva, 2020/10/05
- [PATCH v10 09/19] multi-process: setup memory manager for remote device, elena . ufimtseva, 2020/10/05
- [PATCH v10 12/19] multi-process: Forward PCI config space acceses to the remote process, elena . ufimtseva, 2020/10/05