qemu-devel

Fix a potential memory leak bug in write_boot_rom() (v6.2.0).


From: wliang
Subject: Fix a potential memory leak bug in write_boot_rom() (v6.2.0).
Date: Wed, 23 Feb 2022 22:39:23 +0800 (GMT+08:00)

Hi all,

I found a memory leak bug in QEMU 6.2.0, which is in write_boot_rom() (./hw/arm/aspeed.c).

Specifically, at line 276, a memory chunk is allocated with g_new0() and assigned to the variable 'storage'. However, if the branch at line 277 is taken, there will be only an error report at line 278 but no free operation for 'storage' before the function returns. As a result, a memory leak bug is triggered.


259     BlockBackend *blk = blk_by_legacy_dinfo(dinfo);
...
276     storage = g_new0(uint8_t, rom_size);
277     if (blk_pread(blk, 0, storage, rom_size) < 0) {
278         error_setg(errp, "failed to read the initial flash content");
279         return;
280     }


I believe that the problem can be fixed by adding a g_free() before the function returns.


277     if (blk_pread(blk, 0, storage, rom_size) < 0) {
278         error_setg(errp, "failed to read the initial flash content");
+++     g_free(storage);
279         return;
280     }
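
Review bot: the g_free(storage) added ahead of the return at line 279 covers only this one exit, and the lines shown do not reveal whether any later return in write_boot_rom() releases the buffer allocated at line 276. If nothing later takes ownership of the buffer, declaring storage with g_autofree would free it on every return path and make this explicit call unnecessary. The added line is also marked "+++" and indented differently from error_setg(); a single "+" prefix with matching indentation, sent inline as a unified diff, would let the change apply cleanly.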


I'm looking forward to your confirmation.

Best,
Wentao

Attachment: aspeed.c.patch
Description: Text Data

