Re: [PATCH v2] json: Fix a memleak in parse_pair()
From: Philippe Mathieu-Daudé
Subject: Re: [PATCH v2] json: Fix a memleak in parse_pair()
Date: Mon, 16 Nov 2020 12:43:15 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.4.0
On 11/16/20 7:42 AM, Markus Armbruster wrote:
> "Chenqun (kuhn)" <kuhn.chenqun@huawei.com> writes:
>
>>> -----Original Message-----
>>> From: Chenzhendong (alex)
>>> Sent: Friday, November 13, 2020 10:55 PM
>>> To: armbru@redhat.com
>>> Cc: Chenzhendong (alex) <alex.chen@huawei.com>; qemu-devel@nongnu.org;
>>> qemu-trivial@nongnu.org; Zhanghailiang <zhang.zhanghailiang@huawei.com>;
>>> Chenqun (kuhn) <kuhn.chenqun@huawei.com>
>>> Subject: [PATCH v2] json: Fix a memleak in parse_pair()
>>>
>>> In qobject_type(), NULL is returned when the 'QObject' returned from
>>> parse_value() is not of QString type, and this 'QObject' memory will be leaked.
>>> So we need to first cache the 'QObject' returned from parse_value(), and
>>> finally free the 'QObject' memory at the end of the function.
>>> Also, we add a testcase about an invalid dict key.
>>>
>>> The memleak stack is as follows:
>>> Direct leak of 32 byte(s) in 1 object(s) allocated from:
>>> #0 0xfffe4b3c34fb in __interceptor_malloc (/lib64/libasan.so.4+0xd34fb)
>>> #1 0xfffe4ae48aa3 in g_malloc (/lib64/libglib-2.0.so.0+0x58aa3)
>>> #2 0xaaab3557d9f7 in qnum_from_int
>>> /Images/source_org/qemu_master/qemu/qobject/qnum.c:25
>>> #3 0xaaab35584d23 in parse_literal
>>> /Images/source_org/qemu_master/qemu/qobject/json-parser.c:511
>>> #4 0xaaab35584d23 in parse_value
>>> /Images/source_org/qemu_master/qemu/qobject/json-parser.c:554
>>> #5 0xaaab35583d77 in parse_pair
>>> /Images/source_org/qemu_master/qemu/qobject/json-parser.c:270
>>> #6 0xaaab355845db in parse_object
>>> /Images/source_org/qemu_master/qemu/qobject/json-parser.c:327
>>> #7 0xaaab355845db in parse_value
>>> /Images/source_org/qemu_master/qemu/qobject/json-parser.c:546
>>> #8 0xaaab35585b1b in json_parser_parse
>>> /Images/source_org/qemu_master/qemu/qobject/json-parser.c:580
>>> #9 0xaaab35583703 in json_message_process_token
>>> /Images/source_org/qemu_master/qemu/qobject/json-streamer.c:92
>>> #10 0xaaab355ddccf in json_lexer_feed_char
>>> /Images/source_org/qemu_master/qemu/qobject/json-lexer.c:313
>>> #11 0xaaab355de0eb in json_lexer_feed
>>> /Images/source_org/qemu_master/qemu/qobject/json-lexer.c:350
>>> #12 0xaaab354aff67 in tcp_chr_read
>>> /Images/source_org/qemu_master/qemu/chardev/char-socket.c:525
>>> #13 0xfffe4ae429db in g_main_context_dispatch
>>> (/lib64/libglib-2.0.so.0+0x529db)
>>> #14 0xfffe4ae42d8f (/lib64/libglib-2.0.so.0+0x52d8f)
>>> #15 0xfffe4ae430df in g_main_loop_run (/lib64/libglib-2.0.so.0+0x530df)
>>> #16 0xaaab34d70bff in iothread_run
>>> /Images/source_org/qemu_master/qemu/iothread.c:82
>>> #17 0xaaab3559d71b in qemu_thread_start
>>> /Images/source_org/qemu_master/qemu/util/qemu-thread-posix.c:519
>>>
...
>
> Queued, thanks!
If possible, can you s%/Images/source_org/qemu_master/qemu/%% to make the
description more readable...?
Thanks,
Phil.
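The leak pattern the quoted commit message describes, as an added example that is not part of this thread and not QEMU's code: the real parse_pair() and its patch are not shown on this page, so QObject, parse_value(), qobject_to_qstring() and the reference counting below are stand-ins modelled on the description. The "leaky" variant uses parse_value()'s result only as a temporary and drops the sole reference when the key is not a string; the "fixed" variant caches the raw pointer and releases it on the single exit path. A live-object counter makes the leak observable without ASan.

```c
/* Added example (not QEMU's code): a minimal model of the leak the patch
 * describes in parse_pair(). QObject, parse_value(), qobject_to_qstring()
 * and the refcount handling below are stand-ins for QEMU's real API. */
#include <stdio.h>
#include <stdlib.h>

typedef enum { QTYPE_QNUM, QTYPE_QSTRING } QType;

typedef struct QObject {
    QType type;
    int refcnt;
} QObject;

/* Count of objects currently allocated, so a leak is visible without ASan. */
static int live_objects = 0;

static QObject *qobject_new(QType type)
{
    QObject *obj = calloc(1, sizeof(*obj));
    if (!obj) {
        abort();
    }
    obj->type = type;
    obj->refcnt = 1;
    live_objects++;
    return obj;
}

static QObject *qobject_ref(QObject *obj)
{
    obj->refcnt++;
    return obj;
}

static void qobject_unref(QObject *obj)
{
    if (obj && --obj->refcnt == 0) {
        live_objects--;
        free(obj);
    }
}

/* Returns obj if it is a QString, else NULL. It does not touch the refcount,
 * so on a type mismatch the caller is still responsible for obj. */
static QObject *qobject_to_qstring(QObject *obj)
{
    return (obj && obj->type == QTYPE_QSTRING) ? obj : NULL;
}

/* Stand-in for parse_value(): a token starting with '"' is a string, anything
 * else (e.g. the key in {1: 2}) is a number. Returns one reference. */
static QObject *parse_value(const char *token)
{
    return qobject_new(token[0] == '"' ? QTYPE_QSTRING : QTYPE_QNUM);
}

/* Before the fix: parse_value()'s result is only used as a temporary. When it
 * is not a QString the early return drops the sole reference to it: a leak. */
static QObject *parse_pair_leaky(const char *key_token)
{
    QObject *key = qobject_to_qstring(parse_value(key_token));
    if (!key) {
        return NULL;                 /* the QNum allocated above is lost here */
    }
    return key;                      /* caller takes over the reference */
}

/* After the fix: keep the raw pointer, use a single exit, release it there. */
static QObject *parse_pair_fixed(const char *key_token)
{
    QObject *key_obj = parse_value(key_token);
    QObject *key = qobject_to_qstring(key_obj);
    QObject *result = NULL;

    if (!key) {
        goto out;                    /* invalid dict key */
    }
    result = qobject_ref(key);       /* caller gets its own reference */
out:
    qobject_unref(key_obj);          /* always drop parse_value()'s reference */
    return result;
}

/* Runs one parse_pair variant on a token, releases whatever it returned, and
 * reports how many objects are still alive afterwards (0 means no leak). */
static int objects_leaked_by(QObject *(*parse_pair)(const char *), const char *token)
{
    int before = live_objects;
    QObject *key = parse_pair(token);
    qobject_unref(key);
    return live_objects - before;
}

int main(void)
{
    printf("leaky, key 1       : %d object(s) leaked\n", objects_leaked_by(parse_pair_leaky, "1"));
    printf("fixed, key 1       : %d object(s) leaked\n", objects_leaked_by(parse_pair_fixed, "1"));
    printf("fixed, key \"name\"  : %d object(s) leaked\n", objects_leaked_by(parse_pair_fixed, "\"name\""));
    return 0;
}
```

The important detail is that the type-check helper returns NULL without consuming the reference it was handed, so any early exit taken on the basis of that NULL must still release the original pointer; holding it in a named variable and funnelling all exits through one cleanup label is the same shape the commit message asks for.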