[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v1 2/2] Fixes: Coverity CID 1558831
From: |
Philippe Mathieu-Daudé |
Subject: |
Re: [PATCH v1 2/2] Fixes: Coverity CID 1558831 |
Date: |
Wed, 7 Aug 2024 22:12:48 +0200 |
User-agent: |
Mozilla Thunderbird |
Back at this patch since Cédric asked me to look at it.
On 6/8/24 15:48, Chalapathi V wrote:
In this commit the following coverity scan defect has been fixed
CID 1558831: Resource leaks (RESOURCE_LEAK)
Variable "rsp_payload" going out of scope leaks the storage it
points to.
Signed-off-by: Chalapathi V <chalapathi.v@linux.ibm.com>
---
hw/ssi/pnv_spi.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/ssi/pnv_spi.c b/hw/ssi/pnv_spi.c
index a33f682897..dbe06df224 100644
--- a/hw/ssi/pnv_spi.c
+++ b/hw/ssi/pnv_spi.c
@@ -237,6 +237,7 @@ static void transfer(PnvSpi *s, PnvXferBuffer *payload)
}
if (rsp_payload != NULL) {
spi_response(s, s->N1_bits, rsp_payload);
+ pnv_spi_xfer_buffer_free(rsp_payload);
}
}
Or bigger patch but simpler logic:
-- >8 --
diff --git a/hw/ssi/pnv_spi.c b/hw/ssi/pnv_spi.c
index c1297ab733..aaedba84af 100644
--- a/hw/ssi/pnv_spi.c
+++ b/hw/ssi/pnv_spi.c
@@ -217,6 +217,9 @@ static void transfer(PnvSpi *s, PnvXferBuffer *payload)
PnvXferBuffer *rsp_payload = NULL;
rsp_payload = pnv_spi_xfer_buffer_new();
+ if (!rsp_payload) {
+ return;
+ }
for (int offset = 0; offset < payload->len; offset +=
s->transfer_len) {
tx = 0;
for (int i = 0; i < s->transfer_len; i++) {
@@ -235,9 +238,8 @@ static void transfer(PnvSpi *s, PnvXferBuffer *payload)
(rx >> (8 * (s->transfer_len - 1) - i * 8)) & 0xFF;
}
}
- if (rsp_payload != NULL) {
- spi_response(s, s->N1_bits, rsp_payload);
- }
+ spi_response(s, s->N1_bits, rsp_payload);
+ pnv_spi_xfer_buffer_free(rsp_payload);
}
---
I note few things is odd here:
1/ pnv_spi_xfer_buffer_new() uses the GLib g_malloc0() call
while pnv_spi_xfer_buffer_free() uses plan free().
2/ pnv_spi_xfer_buffer_free() frees payload->data so doesn't
match pnv_spi_xfer_buffer_new().
This is a bit disappointing.