From f0430d069af991475de6fa83ed62a45f8669c645 Mon Sep 17 00:00:00 2001
From: Peter Krempa
Date: Thu, 18 Jul 2019 16:32:44 +0200
Subject: [PATCH] util: storage: Don't leak metadata on repeated calls of virStorageFileGetMetadata
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When querying storage metadata after a block job we re-run virStorageFileGetMetadata on the top level storage file. This means that the workers (virStorageFileGetMetadataInternal) must not overwrite any pointers without freeing them. This was not considered for src->compat and src->features. Fix it and add a comment mentioning that.
Signed-off-by: Peter Krempa
Reviewed-by: Ján Tomko
Reviewed-by: Michal Privoznik
---
 src/util/virstoragefile.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c
index 4e2e7540f1..a6de6a1e45 100644
--- a/src/util/virstoragefile.c
+++ b/src/util/virstoragefile.c
@@ -965,7 +965,11 @@ virStorageFileGetEncryptionPayloadOffset(const struct FileEncryptionInfo *info,
 * assuming it has the given FORMAT, populate information into META
 * with information about the file and its backing store. Return format
 * of the backing store as BACKING_FORMAT. PATH and FORMAT have to be
- * pre-populated in META */
+ * pre-populated in META.
+ *
+ * Note that this function may be called repeatedly on @meta, so it must
+ * clean up any existing allocated memory which would be overwritten.
+ */
 int
 virStorageFileGetMetadataInternal(virStorageSourcePtr meta,
 char *buf,
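Review bot: The added note writes `@meta` while the rest of this comment names parameters in capitals (`META`, `FORMAT`, `BACKING_FORMAT`), and it does not say which members the rule covers. Suggest `Note that this function may be called repeatedly on META, so every member it allocates (e.g. features, compat) must be freed before being reassigned.` so that someone adding another allocated member later sees that the rule applies to it as well. The function body continues outside this hunk.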
@@ -1052,10 +1056,13 @@ virStorageFileGetMetadataInternal(virStorageSourcePtr meta,
 return -1;
 }

+ virBitmapFree(meta->features);
+ meta->features = NULL;
 if (fileTypeInfo[meta->format].getFeatures != NULL &&
 fileTypeInfo[meta->format].getFeatures(&meta->features, meta->format, buf, len) < 0)
 return -1;

+ VIR_FREE(meta->compat);
 if (meta->format == VIR_STORAGE_FILE_QCOW2 && meta->features &&
 VIR_STRDUP(meta->compat, "1.1") < 0)
 return -1;
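Review bot: `VIR_FREE(meta->compat);` sits after the `getFeatures` call, so when that call fails and the function returns -1, `meta->features` has already been cleared but `meta->compat` still holds the value from the previous probe. Resetting both before any fallible step keeps META consistent on the error path: move `VIR_FREE(meta->compat);` up next to `virBitmapFree(meta->features);`. The `return -1` visible at the top of the hunk runs before either reset, so a caller that reuses META after a failure would presumably see stale values there too; the rest of the function is outside this hunk, so any other allocated members it assigns should be checked the same way. Since the commit message says this path re-runs after a block job, a regression test that probes the same source twice under a leak checker would be worth adding.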