xen-block: Avoid leaks on new error path

Commit 1898293990 ("xen-block: Use specific blockdev driver")
introduced a new error path, without taking care of allocated
resources.

So only allocate the qdicts after the error check, and free both
`filename` and `driver` when we are about to return and thus taking
care of both success and error path.

Coverity only spotted the leak of qdicts (*_layer variables).

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Fixes: Coverity CID 1508722, 1398649
Fixes: 1898293990 ("xen-block: Use specific blockdev driver")
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Reviewed-by: Paul Durrant <paul@xen.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20230704171819.42564-1-anthony.perard@citrix.com>
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
This commit is contained in:
Anthony PERARD 2023-07-04 18:18:19 +01:00
parent ace33a0e5a
commit aa36243514

View File

@ -781,14 +781,15 @@ static XenBlockDrive *xen_block_drive_create(const char *id,
drive = g_new0(XenBlockDrive, 1);
drive->id = g_strdup(id);
file_layer = qdict_new();
driver_layer = qdict_new();
rc = stat(filename, &st);
if (rc) {
error_setg_errno(errp, errno, "Could not stat file '%s'", filename);
goto done;
}
file_layer = qdict_new();
driver_layer = qdict_new();
if (S_ISBLK(st.st_mode)) {
qdict_put_str(file_layer, "driver", "host_device");
} else {
@ -796,7 +797,6 @@ static XenBlockDrive *xen_block_drive_create(const char *id,
}
qdict_put_str(file_layer, "filename", filename);
g_free(filename);
if (mode && *mode != 'w') {
qdict_put_bool(file_layer, "read-only", true);
@ -831,7 +831,6 @@ static XenBlockDrive *xen_block_drive_create(const char *id,
qdict_put_str(file_layer, "locking", "off");
qdict_put_str(driver_layer, "driver", driver);
g_free(driver);
qdict_put(driver_layer, "file", file_layer);
@ -842,6 +841,8 @@ static XenBlockDrive *xen_block_drive_create(const char *id,
qobject_unref(driver_layer);
done:
g_free(filename);
g_free(driver);
if (*errp) {
xen_block_drive_destroy(drive, NULL);
return NULL;