OpenE2K
/
qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
qemu-e2k/hw
History
Paolo Bonzini 393c13b940 bt: stop the sdp memory allocation craziness 
Clang static analyzer reports a memory leak.  Actually, the allocated
memory escapes here:

        record->attribute_list[record->attributes].pair = data;

but clang is correct that the memory might leak if len is zero.  We
know it isn't; assert that it is the case.

The craziness doesn't end there.  The memory is freed by
bt_l2cap_sdp_close_ch:

       g_free(sdp->service_list[i].attribute_list->pair);

which actually should have been written like this:

       g_free(sdp->service_list[i].attribute_list[0].pair);

The attribute_list is sorted with qsort; but indeed the first
entry of attribute_list should point to "data" even after the qsort,
because the first record has id SDP_ATTR_RECORD_HANDLE, whose
numeric value is zero.

But hang on.  The qsort function is

    static int sdp_attributeid_compare(
                const struct sdp_service_attribute_s *a,
                const struct sdp_service_attribute_s *b)
    {
        return (int) b->attribute_id - a->attribute_id;
    }

but no one ever writes attribute_id.  So it only works if qsort is
stable, and who knows what else is broken, but we can fix it by
setting attribute_id in the while loop.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
 		2017-08-01 17:27:33 +02:00
..
9pfs docs: fix broken paths to docs/devel/tracing.txt 2017-07-31 13:12:53 +03:00
acpi docs: fix broken paths to docs/devel/tracing.txt 2017-07-31 13:12:53 +03:00
adc STM32F2xx: Add the ADC device 2016-10-04 13:28:07 +01:00
alpha docs: fix broken paths to docs/devel/tracing.txt 2017-07-31 13:12:53 +03:00
arm docs: fix broken paths to docs/devel/tracing.txt 2017-07-31 13:12:53 +03:00
audio trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
block docs: fix broken paths to docs/devel/tracing.txt 2017-07-31 13:12:53 +03:00
bt bt: stop the sdp memory allocation craziness 2017-08-01 17:27:33 +02:00
char trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
core loader: check get_image_size() return value 2017-07-31 13:06:38 +03:00
cpu hw/cpu: core.c can be compiled as common object 2017-06-09 12:02:55 +10:00
cris hw: Use new memory_region_init_{ram, rom, rom_device}() functions 2017-07-14 17:59:42 +01:00
display trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
dma trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
gpio qdev: Replace cannot_instantiate_with_device_add_yet with !user_creatable 2017-05-17 10:37:00 -03:00
i2c migration/next for 20170601 2017-06-02 14:07:53 +01:00
i386 trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
ide -----BEGIN PGP SIGNATURE----- 2017-07-19 13:43:58 +01:00
input trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
intc trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
ipack ipack: Update e-mail address 2016-05-18 15:04:27 +03:00
ipmi qom: enforce readonly nature of link's check callback 2017-07-14 12:04:42 +02:00
isa trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
lm32 char: rename CharDriverState Chardev 2017-01-27 18:07:59 +01:00
m68k hw: Use new memory_region_init_{ram, rom, rom_device}() functions 2017-07-14 17:59:42 +01:00
mem docs: fix broken paths to docs/devel/tracing.txt 2017-07-31 13:12:53 +03:00
microblaze hw: Use new memory_region_init_{ram, rom, rom_device}() functions 2017-07-14 17:59:42 +01:00
mips hw/mips: load_elf_strerror to report kernel loading failure 2017-07-28 13:32:32 +01:00
misc trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
moxie hw: Use new memory_region_init_{ram, rom, rom_device}() functions 2017-07-14 17:59:42 +01:00
net trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
nios2 hw: Use new memory_region_init_{ram, rom, rom_device}() functions 2017-07-14 17:59:42 +01:00
nvram trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
openrisc hw: Use new memory_region_init_{ram, rom, rom_device}() functions 2017-07-14 17:59:42 +01:00
pci trace-events: fix code style: %# -> 0x% 2017-08-01 12:13:07 +01:00
pci-bridge pci: Convert shpc_init() to Error 2017-07-03 22:29:49 +03:00
pci-host memory: Rename memory_region_init_ram() to memory_region_init_ram_nomigrate() 2017-07-14 17:59:42 +01:00
pcmcia hw: Clean up includes 2016-01-29 15:07:25 +00:00
ppc trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
s390x trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
scsi trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
sd trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
sh4 hw: Use new memory_region_init_{ram, rom, rom_device}() functions 2017-07-14 17:59:42 +01:00
smbios stubs: move smbios stubs to hw/smbios 2017-01-16 17:52:35 +01:00
sparc docs: fix broken paths to docs/devel/tracing.txt 2017-07-31 13:12:53 +03:00
sparc64 memory: Rename memory_region_init_ram() to memory_region_init_ram_nomigrate() 2017-07-14 17:59:42 +01:00
ssi xilinx_spips: allow mmio execution 2017-06-27 15:09:15 +02:00
timer trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
tpm clean-up: removed duplicate #includes 2016-10-28 18:17:24 +03:00
tricore hw: Use new memory_region_init_{ram, rom, rom_device}() functions 2017-07-14 17:59:42 +01:00
unicore32 fix qemu-system-unicore32 crashing when calling without -kernel 2017-07-31 13:05:49 +03:00
usb trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
vfio trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
virtio trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
watchdog shutdown: Add source information to SHUTDOWN and RESET 2017-05-23 13:28:17 +02:00
xen trace-events: fix code style: %# -> 0x% 2017-08-01 12:13:07 +01:00
xenpv xenfb: remove xen_init_display "temporary" hack 2017-07-07 11:10:03 -07:00
xtensa hw: Use new memory_region_init_{ram, rom, rom_device}() functions 2017-07-14 17:59:42 +01:00
Makefile.objs acpi: filter based on CONFIG_ACPI_X86 rather than TARGET 2017-01-16 17:52:35 +01:00