[lxc-devel] [lxc/master] Fixes for analysed code

Sat Oct 28 21:50:04 UTC 2017

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 1023 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20171028/a6dd2ed3/attachment.bin>
-------------- next part --------------
From 62c11afa41bd8a9aaa3d0c28cf203daf9a843467 Mon Sep 17 00:00:00 2001
From: Roman Kalashnikov <lunix0x at gmail.com>
Date: Sun, 29 Oct 2017 00:35:47 +0300
Subject: [PATCH 1/2] Fixed conditions

---
 src/lxc/cgroups/cgfs.c | 5 ++---
 src/lxc/start.c        | 6 ++----
 2 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/src/lxc/cgroups/cgfs.c b/src/lxc/cgroups/cgfs.c
index bcbd66134..3cabc7a67 100644
--- a/src/lxc/cgroups/cgfs.c
+++ b/src/lxc/cgroups/cgfs.c
@@ -656,7 +656,7 @@ static struct cgroup_hierarchy *lxc_cgroup_find_hierarchy(struct cgroup_meta_dat
 		struct cgroup_hierarchy *h = meta_data->hierarchies[i];
 		if (!h)
 			continue;
-		if (h && lxc_string_in_array(subsystem, (const char **)h->subsystems))
+		if (lxc_string_in_array(subsystem, (const char **)h->subsystems))
 			return h;
 	}
 	return NULL;
@@ -1769,8 +1769,7 @@ lxc_cgroup_process_info_getx(const char *proc_pid_cgroup_str,
 
 out_error:
 	saved_errno = errno;
-	if (proc_pid_cgroup)
-		fclose(proc_pid_cgroup);
+	fclose(proc_pid_cgroup);
 	lxc_cgroup_process_info_free(result);
 	lxc_cgroup_process_info_free(entry);
 	free(line);
diff --git a/src/lxc/start.c b/src/lxc/start.c
index 7748dbf61..aa578caca 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -1001,10 +1001,8 @@ static int do_start(void *data)
 			goto out_warn_father;
 		}
 
-	if (devnull_fd >= 0) {
-		close(devnull_fd);
-		devnull_fd = -1;
-	}
+	close(devnull_fd);
+	devnull_fd = -1;
 
 	setsid();
 

From 96f0448d9260ffb9aee203fa59417d34c53a9c6e Mon Sep 17 00:00:00 2001
From: Roman Kalashnikov <lunix0x at gmail.com>
Date: Sun, 29 Oct 2017 00:47:10 +0300
Subject: [PATCH 2/2] Fixed possible memory leak

---
 src/lxc/lxccontainer.c  | 9 ++++++---
 src/lxc/storage/rsync.c | 4 +++-
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index efb1bf7ae..0ad0998d4 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -4404,21 +4404,24 @@ static int do_lxcapi_migrate(struct lxc_container *c, unsigned int cmd,
 	case MIGRATE_PRE_DUMP:
 		if (!do_lxcapi_is_running(c)) {
 			ERROR("container is not running");
-			return false;
+			ret = false;
+			break;
 		}
 		ret = !__criu_pre_dump(c, valid_opts);
 		break;
 	case MIGRATE_DUMP:
 		if (!do_lxcapi_is_running(c)) {
 			ERROR("container is not running");
-			return false;
+			ret = false;
+			break;
 		}
 		ret = !__criu_dump(c, valid_opts);
 		break;
 	case MIGRATE_RESTORE:
 		if (do_lxcapi_is_running(c)) {
 			ERROR("container is already running");
-			return false;
+			ret = false;
+			break;
 		}
 		ret = !__criu_restore(c, valid_opts);
 		break;
diff --git a/src/lxc/storage/rsync.c b/src/lxc/storage/rsync.c
index 55c9504e7..6abf745a9 100644
--- a/src/lxc/storage/rsync.c
+++ b/src/lxc/storage/rsync.c
@@ -73,8 +73,10 @@ int lxc_rsync_exec(const char *src, const char *dest)
 		return -1;
 
 	ret = snprintf(s, l, "%s", src);
-	if (ret < 0 || (size_t)ret >= l)
+	if (ret < 0 || (size_t)ret >= l) {
+		free(s);
 		return -1;
+	}
 
 	s[l - 2] = '/';
 	s[l - 1] = '\0';
