[lxc-devel] [PATCH] Free allocated memory on failure

Mon Sep 28 03:55:39 UTC 2015

Quoting Christian Brauner (christianvanbrauner at gmail.com):
> Signed-off-by: Christian Brauner <christianvanbrauner at gmail.com>
> ---
>  src/lxc/bdev.c | 13 ++++++++++---
>  1 file changed, 10 insertions(+), 3 deletions(-)
> 
> diff --git a/src/lxc/bdev.c b/src/lxc/bdev.c
> index 21a64f7..8a62008 100644
> --- a/src/lxc/bdev.c
> +++ b/src/lxc/bdev.c
> @@ -2461,12 +2461,15 @@ static int overlayfs_clonepaths(struct bdev *orig, struct bdev *new, const char
>  		// and needs to be on the same filesystem as upperdir,
>  		// so it's OK for it to be empty.
>  		work = malloc(lastslashidx + 7);
> -		if (!work)
> +		if (!work) {
> +			free(delta);
>  			return -1;
> +		}
>  		strncpy(work, new->dest, lastslashidx+1);
>  		strcpy(work+lastslashidx, "olwork");
>  		if (mkdir(work, 0755) < 0) {
>  			SYSERROR("error: mkdir %s", work);
> +			free(delta);

these look good,

>  			free(work);
>  			return -1;
>  		}
> @@ -2483,8 +2486,10 @@ static int overlayfs_clonepaths(struct bdev *orig, struct bdev *new, const char
>  		}
>  		ret = snprintf(new->src, len, "overlayfs:%s:%s", orig->src, delta);
>  		free(delta);
> -		if (ret < 0 || ret >= len)
> +		if (ret < 0 || ret >= len) {
> +			free(new->src);

This is actually bad, because new was passed in, and we will
call bdev_put() on it.  Since you're not also setting new->src
to NULL, this will cause a double-free.

>  			return -ENOMEM;
> +		}
>  	} else if (strcmp(orig->type, "overlayfs") == 0) {
>  		// What exactly do we want to do here?
>  		// I think we want to use the original lowerdir, with a
> @@ -2548,8 +2553,10 @@ static int overlayfs_clonepaths(struct bdev *orig, struct bdev *new, const char
>  		ret = snprintf(new->src, len, "overlayfs:%s:%s", nsrc, ndelta);
>  		free(osrc);
>  		free(ndelta);
> -		if (ret < 0 || ret >= len)
> +		if (ret < 0 || ret >= len) {
> +			free(new->src);

ditto

>  			return -ENOMEM;
> +		}
>  
>  		return ovl_do_rsync(orig, new, conf);
>  	} else {
> -- 
> 2.5.3
> 
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel