Blob Blame Raw
From 05452efd7e0fb0522099ae09a396f8f97e66014a Mon Sep 17 00:00:00 2001
From: Maxim Levitsky <mlevitsk@redhat.com>
Date: Wed, 11 Mar 2020 10:51:47 +0000
Subject: [PATCH 06/20] block: Fix leak in bdrv_create_file_fallback()

RH-Author: Maxim Levitsky <mlevitsk@redhat.com>
Message-id: <20200311105147.13208-7-mlevitsk@redhat.com>
Patchwork-id: 94229
O-Subject: [RHEL-AV-8.2.0 qemu-kvm PATCH v2 6/6] block: Fix leak in bdrv_create_file_fallback()
Bugzilla: 1640894
RH-Acked-by: Stefano Garzarella <sgarzare@redhat.com>
RH-Acked-by: John Snow <jsnow@redhat.com>
RH-Acked-by: Max Reitz <mreitz@redhat.com>

From: Max Reitz <mreitz@redhat.com>

@options is leaked by the first two return statements in this function.

Note that blk_new_open() takes the reference to @options even on
failure, so all we need to do to fix the leak is to move the QDict
allocation down to where we actually need it.

Reported-by: Coverity (CID 1419884)
Fixes: fd17146cd93d1704cd96d7c2757b325fc7aac6fd
       ("block: Generic file creation fallback")
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20200225155618.133412-1-mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
(cherry picked from commit eeea1faa099f82328f5831cf252f8ce0a59a9287)
Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>

Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
 block.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/block.c b/block.c
index 3beec7f..e1a4e38 100644
--- a/block.c
+++ b/block.c
@@ -600,7 +600,7 @@ static int bdrv_create_file_fallback(const char *filename, BlockDriver *drv,
                                      QemuOpts *opts, Error **errp)
 {
     BlockBackend *blk;
-    QDict *options = qdict_new();
+    QDict *options;
     int64_t size = 0;
     char *buf = NULL;
     PreallocMode prealloc;
@@ -623,6 +623,7 @@ static int bdrv_create_file_fallback(const char *filename, BlockDriver *drv,
         return -ENOTSUP;
     }
 
+    options = qdict_new();
     qdict_put_str(options, "driver", drv->format_name);
 
     blk = blk_new_open(filename, NULL, options,
-- 
1.8.3.1