diff mbox series

[1/5] xfs_db: fix leak in flist_find_ftyp()

Message ID 20240416123427.614899-2-aalbersh@redhat.com (mailing list archive)
State Superseded, archived
Headers show
Series xfsprogs random fixes found by Coverity scan | expand

Commit Message

Andrey Albershteyn April 16, 2024, 12:34 p.m. UTC
When count is zero fl reference is lost. Fix it by freeing the list.

Fixes: a0d79cb37a36 ("xfs_db: make flist_find_ftyp() to check for field existance on disk")
Signed-off-by: Andrey Albershteyn <aalbersh@redhat.com>
---
 db/flist.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

Comments

Darrick J. Wong April 16, 2024, 4:07 p.m. UTC | #1
On Tue, Apr 16, 2024 at 02:34:23PM +0200, Andrey Albershteyn wrote:
> When count is zero fl reference is lost. Fix it by freeing the list.
> 
> Fixes: a0d79cb37a36 ("xfs_db: make flist_find_ftyp() to check for field existance on disk")
> Signed-off-by: Andrey Albershteyn <aalbersh@redhat.com>

Yep, that's a leak.
Reviewed-by: Darrick J. Wong <djwong@kernel.org>

--D

> ---
>  db/flist.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/db/flist.c b/db/flist.c
> index c81d229ab99c..0a6cc5fcee43 100644
> --- a/db/flist.c
> +++ b/db/flist.c
> @@ -424,8 +424,10 @@ flist_find_ftyp(
>  		if (f->ftyp == type)
>  			return fl;
>  		count = fcount(f, obj, startoff);
> -		if (!count)
> +		if (!count) {
> +			flist_free(fl);
>  			continue;
> +		}
>  		fa = &ftattrtab[f->ftyp];
>  		if (fa->subfld) {
>  			flist_t *nfl;
> -- 
> 2.42.0
> 
>
Christoph Hellwig April 16, 2024, 4:32 p.m. UTC | #2
On Tue, Apr 16, 2024 at 02:34:23PM +0200, Andrey Albershteyn wrote:
> +		if (!count) {
> +			flist_free(fl);
>  			continue;
> +		}

This looks good.  The more obvious way would be move the whole
loop body into a helper with two clear exits, one that returns
fl, and one that frees it and returns NULL..
diff mbox series

Patch

diff --git a/db/flist.c b/db/flist.c
index c81d229ab99c..0a6cc5fcee43 100644
--- a/db/flist.c
+++ b/db/flist.c
@@ -424,8 +424,10 @@  flist_find_ftyp(
 		if (f->ftyp == type)
 			return fl;
 		count = fcount(f, obj, startoff);
-		if (!count)
+		if (!count) {
+			flist_free(fl);
 			continue;
+		}
 		fa = &ftattrtab[f->ftyp];
 		if (fa->subfld) {
 			flist_t *nfl;