| Message ID | 20241011031937.92216-5-demeng@redhat.com |
|---|---|
| State | New |
| Headers | show |
| Series | qemu-ga: Fix some potential issues find by coverity | expand |
Same comment about $SUBJECT being too long. You need a blank line after the 1st line in the commit message. On Fri, Oct 11, 2024 at 11:19:37AM +0800, Dehan Meng wrote: > Signed-off-by: Dehan Meng <demeng@redhat.com> > --- > qga/commands-linux.c | 116 ++++++++++++++++++++----------------------- > 1 file changed, 53 insertions(+), 63 deletions(-) > > diff --git a/qga/commands-linux.c b/qga/commands-linux.c > index 4f0e38be81..c6cca630ef 100644 > --- a/qga/commands-linux.c > +++ b/qga/commands-linux.c > @@ -2094,12 +2094,12 @@ GuestCpuStatsList *qmp_guest_get_cpustats(Error **errp) > return head; > } > > -static char *hexToIPAddress(const void *hexValue, int is_ipv6) > +static char *hex_to_ip_address(const void *hex_value, int is_ipv6) > { > if (is_ipv6) { > char addr[INET6_ADDRSTRLEN]; > struct in6_addr in6; > - const char *hexStr = (const char *)hexValue; > + const char *hex_str = (const char *)hex_value; > int i; > > for (i = 0; i < 16; i++) { > @@ -2111,11 +2111,11 @@ static char *hexToIPAddress(const void *hexValue, int is_ipv6) > > return g_strdup(addr); > } else { > - unsigned int hexInt = *(unsigned int *)hexValue; > - unsigned int byte1 = (hexInt >> 24) & 0xFF; > - unsigned int byte2 = (hexInt >> 16) & 0xFF; > - unsigned int byte3 = (hexInt >> 8) & 0xFF; > - unsigned int byte4 = hexInt & 0xFF; > + unsigned int hex_int = *(unsigned int *)hex_value; > + unsigned int byte1 = (hex_int >> 24) & 0xFF; > + unsigned int byte2 = (hex_int >> 16) & 0xFF; > + unsigned int byte3 = (hex_int >> 8) & 0xFF; > + unsigned int byte4 = hex_int & 0xFF; > > return g_strdup_printf("%u.%u.%u.%u", byte4, byte3, byte2, byte1); > } > @@ -2131,6 +2131,7 @@ GuestNetworkRouteList *qmp_guest_network_get_route(Error **errp) > int firstLine; > int is_ipv6; > int i; > + char iface[IFNAMSIZ]; > > for (i = 0; i < 2; i++) { > firstLine = 1; > @@ -2146,72 +2147,61 @@ GuestNetworkRouteList *qmp_guest_network_get_route(Error **errp) > firstLine = 0; > continue; > } > - GuestNetworkRoute *route = NULL; > - GuestNetworkRoute *networkroute; > - char Iface[IFNAMSIZ]; > - if (is_ipv6) { > - char Destination[33], Source[33], NextHop[33]; > - int DesPrefixlen, SrcPrefixlen, Metric, RefCnt, Use, Flags; > > - /* Parse the line and extract the values */ > + GuestNetworkRoute *route = g_new0(GuestNetworkRoute, 1); > + > + if (is_ipv6) { > + char destination[33], source[33], next_hop[33]; > + int des_prefixlen, src_prefixlen, metric, refcnt, use, flags; > if (sscanf(line, "%32s %x %32s %x %32s %x %x %x %x %s", > - Destination, &DesPrefixlen, Source, > - &SrcPrefixlen, NextHop, &Metric, &RefCnt, > - &Use, &Flags, Iface) != 10) { > + destination, &des_prefixlen, source, > + &src_prefixlen, next_hop, &metric, &refcnt, > + &use, &flags, iface) != 10) { > continue; > } > > - route = g_new0(GuestNetworkRoute, 1); By moving this up to the time of declaration of 'route', you've introduced a memory leak when the above 'sscanf' line triggers the 'continue' branch. > - networkroute = route; > - networkroute->iface = g_strdup(Iface); > - networkroute->destination = hexToIPAddress(Destination, 1); > - networkroute->metric = Metric; > - networkroute->source = hexToIPAddress(Source, 1); > - networkroute->desprefixlen = g_strdup_printf( > - "%d", DesPrefixlen > - ); > - networkroute->srcprefixlen = g_strdup_printf( > - "%d", SrcPrefixlen > - ); > - networkroute->nexthop = hexToIPAddress(NextHop, 1); > - networkroute->has_flags = true; > - networkroute->flags = Flags; > - networkroute->has_refcnt = true; > - networkroute->refcnt = RefCnt; > - networkroute->has_use = true; > - networkroute->use = Use; > - networkroute->version = 6; > - } else { > - unsigned int Destination, Gateway, Mask, Flags; > - int RefCnt, Use, Metric, MTU, Window, IRTT; > + route->iface = g_strdup(iface); > + route->destination = hex_to_ip_address(destination, 1); > + route->source = hex_to_ip_address(source, 1); > + route->nexthop = hex_to_ip_address(next_hop, 1); > + route->desprefixlen = g_strdup_printf("%d", des_prefixlen); > + route->srcprefixlen = g_strdup_printf("%d", src_prefixlen); > + route->metric = metric; > + route->has_flags = true; > + route->flags = flags; > + route->has_refcnt = true; > + route->refcnt = refcnt; > + route->has_use = true; > + route->use = use; > + route->version = 6; > > - /* Parse the line and extract the values */ > + } else { > + unsigned int destination, gateway, mask, flags; > + int refcnt, use, metric, mtu, window, irtt; > if (sscanf(line, "%s %X %X %x %d %d %d %X %d %d %d", > - Iface, &Destination, &Gateway, &Flags, &RefCnt, > - &Use, &Metric, &Mask, &MTU, &Window, &IRTT) != 11) { > + iface, &destination, &gateway, &flags, &refcnt, > + &use, &metric, &mask, &mtu, &window, &irtt) != 11) { > continue; > } > > - route = g_new0(GuestNetworkRoute, 1); Again, introduced a memory leak for the same reason. > - networkroute = route; > - networkroute->iface = g_strdup(Iface); > - networkroute->destination = hexToIPAddress(&Destination, 0); > - networkroute->gateway = hexToIPAddress(&Gateway, 0); > - networkroute->mask = hexToIPAddress(&Mask, 0); > - networkroute->metric = Metric; > - networkroute->has_flags = true; > - networkroute->flags = Flags; > - networkroute->has_refcnt = true; > - networkroute->refcnt = RefCnt; > - networkroute->has_use = true; > - networkroute->use = Use; > - networkroute->has_mtu = true; > - networkroute->mtu = MTU; > - networkroute->has_window = true; > - networkroute->window = Window; > - networkroute->has_irtt = true; > - networkroute->irtt = IRTT; > - networkroute->version = 4; > + route->iface = g_strdup(iface); > + route->destination = hex_to_ip_address(&destination, 0); > + route->gateway = hex_to_ip_address(&gateway, 0); > + route->mask = hex_to_ip_address(&mask, 0); > + route->metric = metric; > + route->has_flags = true; > + route->flags = flags; > + route->has_refcnt = true; > + route->refcnt = refcnt; > + route->has_use = true; > + route->use = use; > + route->has_mtu = true; > + route->mtu = mtu; > + route->has_window = true; > + route->window = window; > + route->has_irtt = true; > + route->irtt = irtt; > + route->version = 4; > } > > QAPI_LIST_APPEND(tail, route); > -- > 2.40.1 > > With regards, Daniel
diff --git a/qga/commands-linux.c b/qga/commands-linux.c index 4f0e38be81..c6cca630ef 100644 --- a/qga/commands-linux.c +++ b/qga/commands-linux.c @@ -2094,12 +2094,12 @@ GuestCpuStatsList *qmp_guest_get_cpustats(Error **errp) return head; } -static char *hexToIPAddress(const void *hexValue, int is_ipv6) +static char *hex_to_ip_address(const void *hex_value, int is_ipv6) { if (is_ipv6) { char addr[INET6_ADDRSTRLEN]; struct in6_addr in6; - const char *hexStr = (const char *)hexValue; + const char *hex_str = (const char *)hex_value; int i; for (i = 0; i < 16; i++) { @@ -2111,11 +2111,11 @@ static char *hexToIPAddress(const void *hexValue, int is_ipv6) return g_strdup(addr); } else { - unsigned int hexInt = *(unsigned int *)hexValue; - unsigned int byte1 = (hexInt >> 24) & 0xFF; - unsigned int byte2 = (hexInt >> 16) & 0xFF; - unsigned int byte3 = (hexInt >> 8) & 0xFF; - unsigned int byte4 = hexInt & 0xFF; + unsigned int hex_int = *(unsigned int *)hex_value; + unsigned int byte1 = (hex_int >> 24) & 0xFF; + unsigned int byte2 = (hex_int >> 16) & 0xFF; + unsigned int byte3 = (hex_int >> 8) & 0xFF; + unsigned int byte4 = hex_int & 0xFF; return g_strdup_printf("%u.%u.%u.%u", byte4, byte3, byte2, byte1); } @@ -2131,6 +2131,7 @@ GuestNetworkRouteList *qmp_guest_network_get_route(Error **errp) int firstLine; int is_ipv6; int i; + char iface[IFNAMSIZ]; for (i = 0; i < 2; i++) { firstLine = 1; @@ -2146,72 +2147,61 @@ GuestNetworkRouteList *qmp_guest_network_get_route(Error **errp) firstLine = 0; continue; } - GuestNetworkRoute *route = NULL; - GuestNetworkRoute *networkroute; - char Iface[IFNAMSIZ]; - if (is_ipv6) { - char Destination[33], Source[33], NextHop[33]; - int DesPrefixlen, SrcPrefixlen, Metric, RefCnt, Use, Flags; - /* Parse the line and extract the values */ + GuestNetworkRoute *route = g_new0(GuestNetworkRoute, 1); + + if (is_ipv6) { + char destination[33], source[33], next_hop[33]; + int des_prefixlen, src_prefixlen, metric, refcnt, use, flags; if (sscanf(line, "%32s %x %32s %x %32s %x %x %x %x %s", - Destination, &DesPrefixlen, Source, - &SrcPrefixlen, NextHop, &Metric, &RefCnt, - &Use, &Flags, Iface) != 10) { + destination, &des_prefixlen, source, + &src_prefixlen, next_hop, &metric, &refcnt, + &use, &flags, iface) != 10) { continue; } - route = g_new0(GuestNetworkRoute, 1); - networkroute = route; - networkroute->iface = g_strdup(Iface); - networkroute->destination = hexToIPAddress(Destination, 1); - networkroute->metric = Metric; - networkroute->source = hexToIPAddress(Source, 1); - networkroute->desprefixlen = g_strdup_printf( - "%d", DesPrefixlen - ); - networkroute->srcprefixlen = g_strdup_printf( - "%d", SrcPrefixlen - ); - networkroute->nexthop = hexToIPAddress(NextHop, 1); - networkroute->has_flags = true; - networkroute->flags = Flags; - networkroute->has_refcnt = true; - networkroute->refcnt = RefCnt; - networkroute->has_use = true; - networkroute->use = Use; - networkroute->version = 6; - } else { - unsigned int Destination, Gateway, Mask, Flags; - int RefCnt, Use, Metric, MTU, Window, IRTT; + route->iface = g_strdup(iface); + route->destination = hex_to_ip_address(destination, 1); + route->source = hex_to_ip_address(source, 1); + route->nexthop = hex_to_ip_address(next_hop, 1); + route->desprefixlen = g_strdup_printf("%d", des_prefixlen); + route->srcprefixlen = g_strdup_printf("%d", src_prefixlen); + route->metric = metric; + route->has_flags = true; + route->flags = flags; + route->has_refcnt = true; + route->refcnt = refcnt; + route->has_use = true; + route->use = use; + route->version = 6; - /* Parse the line and extract the values */ + } else { + unsigned int destination, gateway, mask, flags; + int refcnt, use, metric, mtu, window, irtt; if (sscanf(line, "%s %X %X %x %d %d %d %X %d %d %d", - Iface, &Destination, &Gateway, &Flags, &RefCnt, - &Use, &Metric, &Mask, &MTU, &Window, &IRTT) != 11) { + iface, &destination, &gateway, &flags, &refcnt, + &use, &metric, &mask, &mtu, &window, &irtt) != 11) { continue; } - route = g_new0(GuestNetworkRoute, 1); - networkroute = route; - networkroute->iface = g_strdup(Iface); - networkroute->destination = hexToIPAddress(&Destination, 0); - networkroute->gateway = hexToIPAddress(&Gateway, 0); - networkroute->mask = hexToIPAddress(&Mask, 0); - networkroute->metric = Metric; - networkroute->has_flags = true; - networkroute->flags = Flags; - networkroute->has_refcnt = true; - networkroute->refcnt = RefCnt; - networkroute->has_use = true; - networkroute->use = Use; - networkroute->has_mtu = true; - networkroute->mtu = MTU; - networkroute->has_window = true; - networkroute->window = Window; - networkroute->has_irtt = true; - networkroute->irtt = IRTT; - networkroute->version = 4; + route->iface = g_strdup(iface); + route->destination = hex_to_ip_address(&destination, 0); + route->gateway = hex_to_ip_address(&gateway, 0); + route->mask = hex_to_ip_address(&mask, 0); + route->metric = metric; + route->has_flags = true; + route->flags = flags; + route->has_refcnt = true; + route->refcnt = refcnt; + route->has_use = true; + route->use = use; + route->has_mtu = true; + route->mtu = mtu; + route->has_window = true; + route->window = window; + route->has_irtt = true; + route->irtt = irtt; + route->version = 4; } QAPI_LIST_APPEND(tail, route);
Signed-off-by: Dehan Meng <demeng@redhat.com> --- qga/commands-linux.c | 116 ++++++++++++++++++++----------------------- 1 file changed, 53 insertions(+), 63 deletions(-)