diff --git a/libvirt-qemu_namespace-Don-t-leak-memory-in-qemuDomainGetPreservedMounts.patch b/libvirt-qemu_namespace-Don-t-leak-memory-in-qemuDomainGetPreservedMounts.patch new file mode 100644 index 0000000..10419d6 --- /dev/null +++ b/libvirt-qemu_namespace-Don-t-leak-memory-in-qemuDomainGetPreservedMounts.patch @@ -0,0 +1,57 @@ +From 77b0485ba92fe5f0520321385af8a7581c286df1 Mon Sep 17 00:00:00 2001 +Message-Id: <77b0485ba92fe5f0520321385af8a7581c286df1@dist-git> +From: Michal Privoznik +Date: Mon, 31 Oct 2022 15:38:13 +0100 +Subject: [PATCH] qemu_namespace: Don't leak memory in + qemuDomainGetPreservedMounts() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The aim of qemuDomainGetPreservedMounts() is to get a list of +filesystems mounted under /dev and optionally generate a path for +each one where they are moved temporarily when building the +namespace. And the function tries to be a bit clever about it. +For instance, if /dev/shm mount point exists, there's no need to +consider /dev/shm/a nor /dev/shm/b as preserving just 'top level' +/dev/shm gives the same result. To achieve this, the function +iterates over the list of filesystem as returned by +virFileGetMountSubtree() and removes the nested ones. However, it +does so in a bit clumsy way: plain VIR_DELETE_ELEMENT() is used +without freeing the string itself. Therefore, if all three +aforementioned example paths appeared on the list, /dev/shm/a and +/dev/shm/b strings would be leaked. + +And when I think about it more, there's no real need to shrink +the array down (realloc()). It's going to be free()-d when +returning from the function. Switch to +VIR_DELETE_ELEMENT_INPLACE() then. + +Fixes: cdd9205dfffa3aaed935446a41f0d2dd1357c268 +Signed-off-by: Michal Privoznik +Reviewed-by: Peter Krempa +Reviewed-by: Ján Tomko +(cherry picked from commit bca7a53333ead7c1afd178728de74c2977cd4b5e) +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2166573 +Signed-off-by: Michal Privoznik +--- + src/qemu/qemu_namespace.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c +index 74ffd6fb90..2f50087c1d 100644 +--- a/src/qemu/qemu_namespace.c ++++ b/src/qemu/qemu_namespace.c +@@ -160,7 +160,8 @@ qemuDomainGetPreservedMounts(virQEMUDriverConfig *cfg, + + if (c && (*c == '/' || *c == '\0')) { + VIR_DEBUG("Dropping path %s because of %s", mounts[j], mounts[i]); +- VIR_DELETE_ELEMENT(mounts, j, nmounts); ++ VIR_FREE(mounts[j]); ++ VIR_DELETE_ELEMENT_INPLACE(mounts, j, nmounts); + } else { + j++; + } +-- +2.39.1 + diff --git a/libvirt.spec b/libvirt.spec index e07ec64..8efdf22 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -210,7 +210,7 @@ Summary: Library providing a simple virtualization API Name: libvirt Version: 8.0.0 -Release: 15%{?dist}%{?extra_release} +Release: 16%{?dist}%{?extra_release} License: LGPLv2+ URL: https://libvirt.org/ @@ -301,6 +301,7 @@ Patch78: libvirt-nodedev-add-optional-device-address-of-channel-device-to-css-de Patch79: libvirt-nodedev-add-tests-for-optional-device-address-to-css-device.patch Patch80: libvirt-nodedev-prevent-internal-error-on-dev_busid-parse.patch Patch81: libvirt-rpc-Fix-memory-leak-of-fds.patch +Patch82: libvirt-qemu_namespace-Don-t-leak-memory-in-qemuDomainGetPreservedMounts.patch Requires: libvirt-daemon = %{version}-%{release} Requires: libvirt-daemon-config-network = %{version}-%{release} @@ -2180,6 +2181,9 @@ exit 0 %changelog +* Wed Feb 8 2023 Jiri Denemark - 8.0.0-16 +- qemu_namespace: Don't leak memory in qemuDomainGetPreservedMounts() (rhbz#2166573) + * Tue Jan 31 2023 Jiri Denemark - 8.0.0-15 - nodedev: fix reported error msg in css cap XML parsing (rhbz#2165011) - util: refactor virDomainDeviceCCWAddress into virccw.h (rhbz#2165011)