sim-card
/
qemu
Archived
10
0
Fork 0
Code Releases Activity

block: replace unchecked strdup/malloc/calloc with glib 

Most of the codebase as been converted to use glib memory allocation
functions.  There are still a few instances of malloc/calloc in the
block layer and qemu-io.  Replace them, especially since they do not
check the strdup/malloc/calloc return value.

Reported-by: Dr David Alan Gilbert <davidagilbert@uk.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This commit is contained in:
Stefan Hajnoczi 2012-01-16 09:28:06 +00:00 committed by Kevin Wolf
parent bd60324706
commit 031380d877
3 changed files with 28 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
block/blkdebug.c
View File

@ -292,10 +292,10 @@ static int blkdebug_open(BlockDriverState *bs, const char *filename, int flags)
return -EINVAL;
}
config = strdup(filename);
config = g_strdup(filename);
config[c - filename] = '\0';
ret = read_config(s, config);
free(config);
g_free(config);
if (ret < 0) {
return ret;
}

4
block/blkverify.c
View File

@ -87,10 +87,10 @@ static int blkverify_open(BlockDriverState *bs, const char *filename, int flags)
return -EINVAL;
}
raw = strdup(filename);
raw = g_strdup(filename);
raw[c - filename] = '\0';
ret = bdrv_file_open(&bs->file, raw, flags);
free(raw);
g_free(raw);
if (ret < 0) {
return ret;
}

48
qemu-io.c
View File

@ -130,7 +130,7 @@ static void print_report(const char *op, struct timeval *t, int64_t offset,
static void *
create_iovec(QEMUIOVector *qiov, char **argv, int nr_iov, int pattern)
{
size_t *sizes = calloc(nr_iov, sizeof(size_t));
size_t *sizes = g_new0(size_t, nr_iov);
size_t count = 0;
void *buf = NULL;
void *p;
@ -172,7 +172,7 @@ create_iovec(QEMUIOVector *qiov, char **argv, int nr_iov, int pattern)
}
fail:
free(sizes);
g_free(sizes);
return buf;
}
@ -471,14 +471,14 @@ static int read_f(int argc, char **argv)
}
if (Pflag) {
void *cmp_buf = malloc(pattern_count);
void *cmp_buf = g_malloc(pattern_count);
memset(cmp_buf, pattern, pattern_count);
if (memcmp(buf + pattern_offset, cmp_buf, pattern_count)) {
printf("Pattern verification failed at offset %"
PRId64 ", %d bytes\n",
offset + pattern_offset, pattern_count);
}
free(cmp_buf);
g_free(cmp_buf);
}
if (qflag) {
@ -601,13 +601,13 @@ static int readv_f(int argc, char **argv)
}
if (Pflag) {
void *cmp_buf = malloc(qiov.size);
void *cmp_buf = g_malloc(qiov.size);
memset(cmp_buf, pattern, qiov.size);
if (memcmp(buf, cmp_buf, qiov.size)) {
printf("Pattern verification failed at offset %"
PRId64 ", %zd bytes\n", offset, qiov.size);
}
free(cmp_buf);
g_free(cmp_buf);
}
if (qflag) {
@ -1063,7 +1063,7 @@ static void aio_write_done(void *opaque, int ret)
ctx->qiov.size, 1, ctx->Cflag);
out:
qemu_io_free(ctx->buf);
free(ctx);
g_free(ctx);
}
static void aio_read_done(void *opaque, int ret)
@ -1079,14 +1079,14 @@ static void aio_read_done(void *opaque, int ret)
}
if (ctx->Pflag) {
void *cmp_buf = malloc(ctx->qiov.size);
void *cmp_buf = g_malloc(ctx->qiov.size);
memset(cmp_buf, ctx->pattern, ctx->qiov.size);
if (memcmp(ctx->buf, cmp_buf, ctx->qiov.size)) {
printf("Pattern verification failed at offset %"
PRId64 ", %zd bytes\n", ctx->offset, ctx->qiov.size);
}
free(cmp_buf);
g_free(cmp_buf);
}
if (ctx->qflag) {
@ -1103,7 +1103,7 @@ static void aio_read_done(void *opaque, int ret)
ctx->qiov.size, 1, ctx->Cflag);
out:
qemu_io_free(ctx->buf);
free(ctx);
g_free(ctx);
}
static void aio_read_help(void)
@ -1141,7 +1141,7 @@ static const cmdinfo_t aio_read_cmd = {
static int aio_read_f(int argc, char **argv)
{
int nr_iov, c;
struct aio_ctx *ctx = calloc(1, sizeof(struct aio_ctx));
struct aio_ctx *ctx = g_new0(struct aio_ctx, 1);
while ((c = getopt(argc, argv, "CP:qv")) != EOF) {
switch (c) {
@ -1152,7 +1152,7 @@ static int aio_read_f(int argc, char **argv)
ctx->Pflag = 1;
ctx->pattern = parse_pattern(optarg);
if (ctx->pattern < 0) {
free(ctx);
g_free(ctx);
return 0;
}
break;
@ -1163,20 +1163,20 @@ static int aio_read_f(int argc, char **argv)
ctx->vflag = 1;
break;
default:
free(ctx);
g_free(ctx);
return command_usage(&aio_read_cmd);
}
}
if (optind > argc - 2) {
free(ctx);
g_free(ctx);
return command_usage(&aio_read_cmd);
}
ctx->offset = cvtnum(argv[optind]);
if (ctx->offset < 0) {
printf("non-numeric length argument -- %s\n", argv[optind]);
free(ctx);
g_free(ctx);
return 0;
}
optind++;
@ -1184,14 +1184,14 @@ static int aio_read_f(int argc, char **argv)
if (ctx->offset & 0x1ff) {
printf("offset %" PRId64 " is not sector aligned\n",
ctx->offset);
free(ctx);
g_free(ctx);
return 0;
}
nr_iov = argc - optind;
ctx->buf = create_iovec(&ctx->qiov, &argv[optind], nr_iov, 0xab);
if (ctx->buf == NULL) {
free(ctx);
g_free(ctx);
return 0;
}
@ -1237,7 +1237,7 @@ static int aio_write_f(int argc, char **argv)
{
int nr_iov, c;
int pattern = 0xcd;
struct aio_ctx *ctx = calloc(1, sizeof(struct aio_ctx));
struct aio_ctx *ctx = g_new0(struct aio_ctx, 1);
while ((c = getopt(argc, argv, "CqP:")) != EOF) {
switch (c) {
@ -1250,25 +1250,25 @@ static int aio_write_f(int argc, char **argv)
case 'P':
pattern = parse_pattern(optarg);
if (pattern < 0) {
free(ctx);
g_free(ctx);
return 0;
}
break;
default:
free(ctx);
g_free(ctx);
return command_usage(&aio_write_cmd);
}
}
if (optind > argc - 2) {
free(ctx);
g_free(ctx);
return command_usage(&aio_write_cmd);
}
ctx->offset = cvtnum(argv[optind]);
if (ctx->offset < 0) {
printf("non-numeric length argument -- %s\n", argv[optind]);
free(ctx);
g_free(ctx);
return 0;
}
optind++;
@ -1276,14 +1276,14 @@ static int aio_write_f(int argc, char **argv)
if (ctx->offset & 0x1ff) {
printf("offset %" PRId64 " is not sector aligned\n",
ctx->offset);
free(ctx);
g_free(ctx);
return 0;
}
nr_iov = argc - optind;
ctx->buf = create_iovec(&ctx->qiov, &argv[optind], nr_iov, pattern);
if (ctx->buf == NULL) {
free(ctx);
g_free(ctx);
return 0;
}