|
From: | Hailiang Zhang |
Subject: | Re: [Qemu-devel] [PATCH 1/3] net/colo: fix memory double free error |
Date: | Tue, 21 Feb 2017 11:06:29 +0800 |
User-agent: | Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1 |
On 2017/2/21 10:25, Zhang Chen wrote:
On 02/20/2017 04:01 PM, zhanghailiang wrote:The 'primary_list' and 'secondary_list' members of struct Connection is not allocated through dynamically g_queue_new(), but we free it by using g_queue_free(), which will lead to a double-free bug. Signed-off-by: zhanghailiang <address@hidden> --- net/colo.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/net/colo.c b/net/colo.c index 6a6eacd..7d5c423 100644 --- a/net/colo.c +++ b/net/colo.c @@ -147,9 +147,7 @@ void connection_destroy(void *opaque) Connection *conn = opaque; g_queue_foreach(&conn->primary_list, packet_destroy, NULL); - g_queue_free(&conn->primary_list); g_queue_foreach(&conn->secondary_list, packet_destroy, NULL); - g_queue_free(&conn->secondary_list);I think we need use g_queue_clear () here.
Ha, you are right, my original modification will introduce memory leak. Will fix in next version.
void g_queue_clear (GQueue *queue); Removes all the elements in queue . If queue elements contain dynamically-allocated memory, they should be freed first. Thanks Zhang Cheng_slice_free(Connection, conn); }
[Prev in Thread] | Current Thread | [Next in Thread] |