From 9f7da130f421632c1e94e4e89ae87beb1b1c0d02 Mon Sep 17 00:00:00 2001 From: "Daniel P. Berrange" Date: Mon, 17 Mar 2014 11:58:34 +0000 Subject: [PATCH] Fix leak on OOM when creating nwfilter rule instances The ebiptablesAddRuleInst method would leak an instance of ebiptablesRuleInstPtr if it hit OOM when adding it to the list of instances. Remove the pointless helper method virNWFilterRuleInstAddData and just inline the call to VIR_APPEND_ELEMENT and free the instance on failure. Signed-off-by: Daniel P. Berrange --- src/nwfilter/nwfilter_ebiptables_driver.c | 6 +++++- src/nwfilter/nwfilter_gentech_driver.c | 22 ---------------------- src/nwfilter/nwfilter_gentech_driver.h | 3 --- 3 files changed, 5 insertions(+), 26 deletions(-) diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c b/src/nwfilter/nwfilter_ebiptables_driver.c index 34107a2cc3..d0acb23658 100644 --- a/src/nwfilter/nwfilter_ebiptables_driver.c +++ b/src/nwfilter/nwfilter_ebiptables_driver.c @@ -507,7 +507,11 @@ ebiptablesAddRuleInst(virNWFilterRuleInstPtr res, inst->priority = priority; inst->ruleType = ruleType; - return virNWFilterRuleInstAddData(res, inst); + if (VIR_APPEND_ELEMENT(res->data, res->ndata, inst) < 0) { + VIR_FREE(inst); + return -1; + } + return 0; } diff --git a/src/nwfilter/nwfilter_gentech_driver.c b/src/nwfilter/nwfilter_gentech_driver.c index 5c3b25edc3..1e9b3d2dfe 100644 --- a/src/nwfilter/nwfilter_gentech_driver.c +++ b/src/nwfilter/nwfilter_gentech_driver.c @@ -115,28 +115,6 @@ virNWFilterTechDriverForName(const char *name) } -/** - * virNWFilterRuleInstAddData: - * @res : pointer to virNWFilterRuleInst object collecting the instantiation - * data of a single firewall rule. - * @data : the opaque data that the driver wants to add - * - * Add instantiation data to a firewall rule. An instantiated firewall - * rule may hold multiple data structure representing its instantiation - * data. This may for example be the case if a rule has been defined - * for bidirectional traffic and data needs to be added to the incoming - * and outgoing chains. - * - * Returns 0 in case of success, -1 in case of an error. - */ -int -virNWFilterRuleInstAddData(virNWFilterRuleInstPtr res, - void *data) -{ - return VIR_APPEND_ELEMENT(res->data, res->ndata, data); -} - - static void virNWFilterRuleInstFree(virNWFilterRuleInstPtr inst) { diff --git a/src/nwfilter/nwfilter_gentech_driver.h b/src/nwfilter/nwfilter_gentech_driver.h index d72e040725..52bd1f6777 100644 --- a/src/nwfilter/nwfilter_gentech_driver.h +++ b/src/nwfilter/nwfilter_gentech_driver.h @@ -28,9 +28,6 @@ virNWFilterTechDriverPtr virNWFilterTechDriverForName(const char *name); -int virNWFilterRuleInstAddData(virNWFilterRuleInstPtr res, - void *data); - int virNWFilterTechDriversInit(bool privileged); void virNWFilterTechDriversShutdown(void);