From 0b6143eb9a7632b5e56d020825e9c97ed4399045 Mon Sep 17 00:00:00 2001
From: Martin Kletzander <mkletzan@redhat.com>
Date: Wed, 29 Mar 2017 13:36:15 +0200
Subject: [PATCH] conf: Fix possible memleak in capabilities

If formatting NUMA topology fails, the function returns immediatelly,
but the buffer structure allocated on the stack references lot of
heap-allocated memory and that would get lost in such case.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
(cherry picked from commit 6369ee0483b99ec4d2e624e9a32e35b7bdd9ab8a)
---
 src/conf/capabilities.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/conf/capabilities.c b/src/conf/capabilities.c
index 08907aced1..be95c50cfb 100644
--- a/src/conf/capabilities.c
+++ b/src/conf/capabilities.c
@@ -955,7 +955,7 @@ virCapabilitiesFormatXML(virCapsPtr caps)
     if (caps->host.nnumaCell &&
         virCapabilitiesFormatNUMATopology(&buf, caps->host.nnumaCell,
                                           caps->host.numaCell) < 0)
-        return NULL;
+        goto error;
 
     for (i = 0; i < caps->host.nsecModels; i++) {
         virBufferAddLit(&buf, "<secmodel>\n");
@@ -1072,6 +1072,10 @@ virCapabilitiesFormatXML(virCapsPtr caps)
         return NULL;
 
     return virBufferContentAndReset(&buf);
+
+ error:
+    virBufferFreeAndReset(&buf);
+    return NULL;
 }
 
 /* get the maximum ID of cpus in the host */