From 0696ae2c9236a3589f5eaf5b00c12868b6f30a17 Mon Sep 17 00:00:00 2001 From: "Daniel P. Berrange" Date: Fri, 14 Jul 2017 11:31:05 +0100 Subject: [PATCH 1/3] qcow: fix memory leaks related to encryption Fix leak of the 'encryptopts' string, which was mistakenly declared const. Fix leak of QemuOpts entry which should not have been deleted from the opts array. Reported by: coverity Signed-off-by: Daniel P. Berrange Message-id: 20170714103105.5781-1-berrange@redhat.com Reviewed-by: Eric Blake Signed-off-by: Max Reitz --- block/qcow.c | 5 +++-- block/qcow2.c | 7 ++++--- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/block/qcow.c b/block/qcow.c index 66827d6f24..c08cdc4a7b 100644 --- a/block/qcow.c +++ b/block/qcow.c @@ -768,7 +768,7 @@ static int qcow_create(const char *filename, QemuOpts *opts, Error **errp) Error *local_err = NULL; int ret; BlockBackend *qcow_blk; - const char *encryptfmt = NULL; + char *encryptfmt = NULL; QDict *options; QDict *encryptopts = NULL; QCryptoBlockCreateOptions *crypto_opts = NULL; @@ -793,7 +793,7 @@ static int qcow_create(const char *filename, QemuOpts *opts, Error **errp) goto cleanup; } } else if (qemu_opt_get_bool_del(opts, BLOCK_OPT_ENCRYPT, false)) { - encryptfmt = "aes"; + encryptfmt = g_strdup("aes"); } ret = bdrv_create_file(filename, opts, &local_err); @@ -908,6 +908,7 @@ exit: blk_unref(qcow_blk); cleanup: QDECREF(encryptopts); + g_free(encryptfmt); qcrypto_block_free(crypto); qapi_free_QCryptoBlockCreateOptions(crypto_opts); g_free(backing_file); diff --git a/block/qcow2.c b/block/qcow2.c index 90efa4477b..d7c600b5a2 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -2905,7 +2905,7 @@ static int qcow2_create(const char *filename, QemuOpts *opts, Error **errp) int version; uint64_t refcount_bits; int refcount_order; - const char *encryptfmt = NULL; + char *encryptfmt = NULL; Error *local_err = NULL; int ret; @@ -2916,14 +2916,14 @@ static int qcow2_create(const char *filename, QemuOpts *opts, Error **errp) backing_fmt = qemu_opt_get_del(opts, BLOCK_OPT_BACKING_FMT); encryptfmt = qemu_opt_get_del(opts, BLOCK_OPT_ENCRYPT_FORMAT); if (encryptfmt) { - if (qemu_opt_get_del(opts, BLOCK_OPT_ENCRYPT)) { + if (qemu_opt_get(opts, BLOCK_OPT_ENCRYPT)) { error_setg(errp, "Options " BLOCK_OPT_ENCRYPT " and " BLOCK_OPT_ENCRYPT_FORMAT " are mutually exclusive"); ret = -EINVAL; goto finish; } } else if (qemu_opt_get_bool_del(opts, BLOCK_OPT_ENCRYPT, false)) { - encryptfmt = "aes"; + encryptfmt = g_strdup("aes"); } cluster_size = qcow2_opt_get_cluster_size_del(opts, &local_err); if (local_err) { @@ -2983,6 +2983,7 @@ static int qcow2_create(const char *filename, QemuOpts *opts, Error **errp) finish: g_free(backing_file); g_free(backing_fmt); + g_free(encryptfmt); g_free(buf); return ret; } From b6b75a99dab760c902c3d355519e0dc2616872e1 Mon Sep 17 00:00:00 2001 From: Vladimir Sementsov-Ogievskiy Date: Fri, 14 Jul 2017 15:33:41 +0300 Subject: [PATCH 2/3] qcow2-bitmap: fix bitmap_free Fix possible crash on error path in qcow2_remove_persistent_dirty_bitmap. Although bitmap_free was added in 88ddffae8fc the bug was introduced later in commit 469c71edc72 (when qcow2_remove_persistent_dirty_bitmap was added). Signed-off-by: Vladimir Sementsov-Ogievskiy Reviewed-by: Eric Blake Message-id: 20170714123341.373857-1-vsementsov@virtuozzo.com Signed-off-by: Max Reitz --- block/qcow2-bitmap.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/block/qcow2-bitmap.c b/block/qcow2-bitmap.c index 3e8735a20d..e8d3bdbd6e 100644 --- a/block/qcow2-bitmap.c +++ b/block/qcow2-bitmap.c @@ -487,6 +487,10 @@ static inline void bitmap_directory_to_be(uint8_t *dir, size_t size) static void bitmap_free(Qcow2Bitmap *bm) { + if (bm == NULL) { + return; + } + g_free(bm->name); g_free(bm); } From bd998d7cc8ced211def90e4225042d63dddecc54 Mon Sep 17 00:00:00 2001 From: Kevin Wolf Date: Tue, 25 Jul 2017 10:59:36 +0200 Subject: [PATCH 3/3] qemu-iotests: Fix reference output for 186 Commits 70f17a1 ('error: Revert unwanted change of warning messages') and e1824e5 ('qemu-iotests: Test 'info block'') had a semantic merge conflict, which results in failure for qemu-iotests case 186. Fix the reference output to consider the changes of 70f17a1. Signed-off-by: Kevin Wolf Message-id: 1500973176-29235-1-git-send-email-kwolf@redhat.com Reviewed-by: Markus Armbruster Reviewed-by: Stefan Hajnoczi Signed-off-by: Max Reitz --- tests/qemu-iotests/186.out | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/qemu-iotests/186.out b/tests/qemu-iotests/186.out index b963b12d64..b8bf9a2550 100644 --- a/tests/qemu-iotests/186.out +++ b/tests/qemu-iotests/186.out @@ -442,7 +442,7 @@ ide0-cd0 (NODE_NAME): null-co:// (null-co, read-only) Cache mode: writeback (qemu) quit -warning: qemu-system-x86_64: -drive if=scsi,driver=null-co: bus=0,unit=0 is deprecated with this machine type +qemu-system-x86_64: -drive if=scsi,driver=null-co: warning: bus=0,unit=0 is deprecated with this machine type Testing: -drive if=scsi,driver=null-co QEMU X.Y.Z monitor - type 'help' for more information (qemu) info block @@ -451,7 +451,7 @@ scsi0-hd0 (NODE_NAME): null-co:// (null-co) Cache mode: writeback (qemu) quit -warning: qemu-system-x86_64: -drive if=scsi,media=cdrom: bus=0,unit=0 is deprecated with this machine type +qemu-system-x86_64: -drive if=scsi,media=cdrom: warning: bus=0,unit=0 is deprecated with this machine type Testing: -drive if=scsi,media=cdrom QEMU X.Y.Z monitor - type 'help' for more information (qemu) info block @@ -460,7 +460,7 @@ scsi0-cd0: [not inserted] Removable device: not locked, tray closed (qemu) quit -warning: qemu-system-x86_64: -drive if=scsi,driver=null-co,media=cdrom: bus=0,unit=0 is deprecated with this machine type +qemu-system-x86_64: -drive if=scsi,driver=null-co,media=cdrom: warning: bus=0,unit=0 is deprecated with this machine type Testing: -drive if=scsi,driver=null-co,media=cdrom QEMU X.Y.Z monitor - type 'help' for more information (qemu) info block