External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-08-27 19:11:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

nwfilter: convert local pointers to use g_auto*

Browse Source 
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
Laine Stump 2020-06-24 21:59:39 -04:00
parent 6f1af2fe25
commit fae0a0e5a4
4 changed files with 61 additions and 127 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
src/nwfilter/nwfilter_dhcpsnoop.c
View File

@ -292,18 +292,17 @@ static const unsigned char dhcp_magic[4] = { 99, 130, 83, 99 };
static char * static char *
virNWFilterSnoopActivate(virNWFilterSnoopReqPtr req) virNWFilterSnoopActivate(virNWFilterSnoopReqPtr req)
{ {
char *key; g_autofree char *key = g_strdup_printf("%p-%d", req, req->ifindex);
char *ret = NULL;
key = g_strdup_printf("%p-%d", req, req->ifindex);
virNWFilterSnoopActiveLock(); virNWFilterSnoopActiveLock();
if (virHashAddEntry(virNWFilterSnoopState.active, key, (void *)0x1) < 0) if (virHashAddEntry(virNWFilterSnoopState.active, key, (void *)0x1) == 0)
VIR_FREE(key); ret = g_steal_pointer(&key);
virNWFilterSnoopActiveUnlock(); virNWFilterSnoopActiveUnlock();
return key; return ret;
} }
static void static void
@ -442,11 +441,10 @@ static int
virNWFilterSnoopIPLeaseInstallRule(virNWFilterSnoopIPLeasePtr ipl, virNWFilterSnoopIPLeaseInstallRule(virNWFilterSnoopIPLeasePtr ipl,
bool instantiate) bool instantiate)
{ {
char *ipaddr; g_autofree char *ipaddr = virSocketAddrFormat(&ipl->ipAddress);
int rc = -1; int rc = -1;
virNWFilterSnoopReqPtr req; virNWFilterSnoopReqPtr req;
ipaddr = virSocketAddrFormat(&ipl->ipAddress);
if (!ipaddr) if (!ipaddr)
return -1; return -1;
@ -473,9 +471,6 @@ virNWFilterSnoopIPLeaseInstallRule(virNWFilterSnoopIPLeasePtr ipl,
cleanup: cleanup:
virNWFilterSnoopReqUnlock(req); virNWFilterSnoopReqUnlock(req);
VIR_FREE(ipaddr);
return rc; return rc;
} }
@ -551,7 +546,7 @@ virNWFilterSnoopReqGet(virNWFilterSnoopReqPtr req)
static virNWFilterSnoopReqPtr static virNWFilterSnoopReqPtr
virNWFilterSnoopReqNew(const char *ifkey) virNWFilterSnoopReqNew(const char *ifkey)
{ {
virNWFilterSnoopReqPtr req; g_autofree virNWFilterSnoopReqPtr req = g_new0(virNWFilterSnoopReq, 1);
if (ifkey == NULL || strlen(ifkey) != VIR_IFKEY_LEN - 1) { if (ifkey == NULL || strlen(ifkey) != VIR_IFKEY_LEN - 1) {
virReportError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
@ -562,28 +557,20 @@ virNWFilterSnoopReqNew(const char *ifkey)
return NULL; return NULL;
} }
req = g_new0(virNWFilterSnoopReq, 1);
req->threadStatus = THREAD_STATUS_NONE; req->threadStatus = THREAD_STATUS_NONE;
if (virStrcpyStatic(req->ifkey, ifkey) < 0|| if (virStrcpyStatic(req->ifkey, ifkey) < 0 ||
virMutexInitRecursive(&req->lock) < 0) virMutexInitRecursive(&req->lock) < 0) {
goto err_free_req; return NULL;
}
if (virCondInit(&req->threadStatusCond) < 0) if (virCondInit(&req->threadStatusCond) < 0) {
goto err_destroy_mutex; virMutexDestroy(&req->lock);
return NULL;
}
virNWFilterSnoopReqGet(req); virNWFilterSnoopReqGet(req);
return g_steal_pointer(&req);
return req;
err_destroy_mutex:
virMutexDestroy(&req->lock);
err_free_req:
VIR_FREE(req);
return NULL;
} }
/* /*
@ -815,7 +802,7 @@ virNWFilterSnoopReqLeaseDel(virNWFilterSnoopReqPtr req,
{ {
int ret = 0; int ret = 0;
virNWFilterSnoopIPLeasePtr ipl; virNWFilterSnoopIPLeasePtr ipl;
char *ipstr = NULL; g_autofree char *ipstr = NULL;
/* protect req->start, req->ifname and the lease */ /* protect req->start, req->ifname and the lease */
virNWFilterSnoopReqLock(req); virNWFilterSnoopReqLock(req);
@ -868,8 +855,6 @@ virNWFilterSnoopReqLeaseDel(virNWFilterSnoopReqPtr req,
ignore_value(!!g_atomic_int_dec_and_test(&virNWFilterSnoopState.nLeases)); ignore_value(!!g_atomic_int_dec_and_test(&virNWFilterSnoopState.nLeases));
lease_not_found: lease_not_found:
VIR_FREE(ipstr);
virNWFilterSnoopReqUnlock(req); virNWFilterSnoopReqUnlock(req);
return ret; return ret;
@ -1045,7 +1030,7 @@ virNWFilterSnoopDHCPOpen(const char *ifname, virMacAddr *mac,
pcap_t *handle = NULL; pcap_t *handle = NULL;
struct bpf_program fp; struct bpf_program fp;
char pcap_errbuf[PCAP_ERRBUF_SIZE]; char pcap_errbuf[PCAP_ERRBUF_SIZE];
char *ext_filter = NULL; g_autofree char *ext_filter = NULL;
char macaddr[VIR_MAC_STRING_BUFLEN]; char macaddr[VIR_MAC_STRING_BUFLEN];
virMacAddrFormat(mac, macaddr); virMacAddrFormat(mac, macaddr);
@ -1075,7 +1060,7 @@ virNWFilterSnoopDHCPOpen(const char *ifname, virMacAddr *mac,
if (handle == NULL) { if (handle == NULL) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("pcap_create failed")); _("pcap_create failed"));
goto cleanup_nohandle; return NULL;
} }
if (pcap_set_snaplen(handle, PCAP_PBUFSIZE) < 0 || if (pcap_set_snaplen(handle, PCAP_PBUFSIZE) < 0 ||
@ -1107,17 +1092,12 @@ virNWFilterSnoopDHCPOpen(const char *ifname, virMacAddr *mac,
} }
pcap_freecode(&fp); pcap_freecode(&fp);
VIR_FREE(ext_filter);
return handle; return handle;
cleanup_freecode: cleanup_freecode:
pcap_freecode(&fp); pcap_freecode(&fp);
cleanup: cleanup:
pcap_close(handle); pcap_close(handle);
cleanup_nohandle:
VIR_FREE(ext_filter);
return NULL; return NULL;
} }
@ -1128,7 +1108,7 @@ virNWFilterSnoopDHCPOpen(const char *ifname, virMacAddr *mac,
static void virNWFilterDHCPDecodeWorker(void *jobdata, void *opaque) static void virNWFilterDHCPDecodeWorker(void *jobdata, void *opaque)
{ {
virNWFilterSnoopReqPtr req = opaque; virNWFilterSnoopReqPtr req = opaque;
virNWFilterDHCPDecodeJobPtr job = jobdata; g_autofree virNWFilterDHCPDecodeJobPtr job = jobdata;
virNWFilterSnoopEthHdrPtr packet = (virNWFilterSnoopEthHdrPtr)job->packet; virNWFilterSnoopEthHdrPtr packet = (virNWFilterSnoopEthHdrPtr)job->packet;
if (virNWFilterSnoopDHCPDecode(req, packet, if (virNWFilterSnoopDHCPDecode(req, packet,
@ -1140,7 +1120,6 @@ static void virNWFilterDHCPDecodeWorker(void *jobdata, void *opaque)
"interface '%s'"), req->binding->portdevname); "interface '%s'"), req->binding->portdevname);
} }
ignore_value(!!g_atomic_int_dec_and_test(job->qCtr)); ignore_value(!!g_atomic_int_dec_and_test(job->qCtr));
VIR_FREE(job);
} }
/* /*
@ -1307,7 +1286,7 @@ virNWFilterDHCPSnoopThread(void *req0)
int errcount = 0; int errcount = 0;
int tmp = -1, rv, n, pollTo; int tmp = -1, rv, n, pollTo;
size_t i; size_t i;
char *threadkey = NULL; g_autofree char *threadkey = NULL;
virThreadPoolPtr worker = NULL; virThreadPoolPtr worker = NULL;
time_t last_displayed = 0, last_displayed_queue = 0; time_t last_displayed = 0, last_displayed_queue = 0;
virNWFilterSnoopPcapConf pcapConf[] = { virNWFilterSnoopPcapConf pcapConf[] = {
@ -1533,8 +1512,6 @@ virNWFilterDHCPSnoopThread(void *req0)
virNWFilterSnoopReqPut(req); virNWFilterSnoopReqPut(req);
VIR_FREE(threadkey);
for (i = 0; i < G_N_ELEMENTS(pcapConf); i++) { for (i = 0; i < G_N_ELEMENTS(pcapConf); i++) {
if (pcapConf[i].handle) if (pcapConf[i].handle)
pcap_close(pcapConf[i].handle); pcap_close(pcapConf[i].handle);
@ -1721,18 +1698,13 @@ static int
virNWFilterSnoopLeaseFileWrite(int lfd, const char *ifkey, virNWFilterSnoopLeaseFileWrite(int lfd, const char *ifkey,
virNWFilterSnoopIPLeasePtr ipl) virNWFilterSnoopIPLeasePtr ipl)
{ {
char *lbuf = NULL; g_autofree char *lbuf = NULL;
char *ipstr, *dhcpstr; g_autofree char *ipstr = virSocketAddrFormat(&ipl->ipAddress);
g_autofree char *dhcpstr = virSocketAddrFormat(&ipl->ipServer);
int len; int len;
int ret = 0;
ipstr = virSocketAddrFormat(&ipl->ipAddress); if (!dhcpstr || !ipstr)
dhcpstr = virSocketAddrFormat(&ipl->ipServer); return -1;
if (!dhcpstr || !ipstr) {
ret = -1;
goto cleanup;
}
/* time intf ip dhcpserver */ /* time intf ip dhcpserver */
lbuf = g_strdup_printf("%u %s %s %s\n", ipl->timeout, ifkey, ipstr, dhcpstr); lbuf = g_strdup_printf("%u %s %s %s\n", ipl->timeout, ifkey, ipstr, dhcpstr);
@ -1740,18 +1712,11 @@ virNWFilterSnoopLeaseFileWrite(int lfd, const char *ifkey,
if (safewrite(lfd, lbuf, len) != len) { if (safewrite(lfd, lbuf, len) != len) {
virReportSystemError(errno, "%s", _("lease file write failed")); virReportSystemError(errno, "%s", _("lease file write failed"));
ret = -1; return -1;
goto cleanup;
} }
ignore_value(g_fsync(lfd)); ignore_value(g_fsync(lfd));
return 0;
cleanup:
VIR_FREE(lbuf);
VIR_FREE(dhcpstr);
VIR_FREE(ipstr);
return ret;
} }
/* /*

75
src/nwfilter/nwfilter_ebiptables_driver.c
View File

@ -188,10 +188,10 @@ _printDataType(virNWFilterVarCombIterPtr vars,
bool asHex, bool directionIn) bool asHex, bool directionIn)
{ {
bool done; bool done;
char *data; g_autofree char *data = NULL;
uint8_t ctr; uint8_t ctr;
g_auto(virBuffer) vb = VIR_BUFFER_INITIALIZER; g_auto(virBuffer) vb = VIR_BUFFER_INITIALIZER;
char *flags; g_autofree char *flags = NULL;
if (printVar(vars, buf, bufsize, item, &done) < 0) if (printVar(vars, buf, bufsize, item, &done) < 0)
return -1; return -1;
@ -207,10 +207,8 @@ _printDataType(virNWFilterVarCombIterPtr vars,
if (g_snprintf(buf, bufsize, "%s", data) >= bufsize) { if (g_snprintf(buf, bufsize, "%s", data) >= bufsize) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("buffer too small for IP address")); _("buffer too small for IP address"));
VIR_FREE(data);
return -1; return -1;
} }
VIR_FREE(data);
break; break;
case DATATYPE_IPV6ADDR: case DATATYPE_IPV6ADDR:
@ -221,10 +219,8 @@ _printDataType(virNWFilterVarCombIterPtr vars,
if (g_snprintf(buf, bufsize, "%s", data) >= bufsize) { if (g_snprintf(buf, bufsize, "%s", data) >= bufsize) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("buffer too small for IPv6 address")); _("buffer too small for IPv6 address"));
VIR_FREE(data);
return -1; return -1;
} }
VIR_FREE(data);
break; break;
case DATATYPE_MACADDR: case DATATYPE_MACADDR:
@ -308,10 +304,8 @@ _printDataType(virNWFilterVarCombIterPtr vars,
if (virStrcpy(buf, flags, bufsize) < 0) { if (virStrcpy(buf, flags, bufsize) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Buffer too small for IPSETFLAGS type")); _("Buffer too small for IPSETFLAGS type"));
VIR_FREE(flags);
return -1; return -1;
} }
VIR_FREE(flags);
break; break;
case DATATYPE_STRING: case DATATYPE_STRING:
@ -1187,19 +1181,19 @@ _iptablesCreateRuleInstance(virFirewallPtr fw,
return -1; return -1;
if (HAS_ENTRY_ITEM(&rule->p.tcpHdrFilter.dataTCPFlags)) { if (HAS_ENTRY_ITEM(&rule->p.tcpHdrFilter.dataTCPFlags)) {
char *flags; g_autofree char *mask = NULL;
g_autofree char *flags = NULL;
if (ENTRY_WANT_NEG_SIGN(&rule->p.tcpHdrFilter.dataTCPFlags)) if (ENTRY_WANT_NEG_SIGN(&rule->p.tcpHdrFilter.dataTCPFlags))
virFirewallRuleAddArg(fw, fwrule, "!"); virFirewallRuleAddArg(fw, fwrule, "!");
virFirewallRuleAddArg(fw, fwrule, "--tcp-flags"); virFirewallRuleAddArg(fw, fwrule, "--tcp-flags");
if (!(flags = virNWFilterPrintTCPFlags(rule->p.tcpHdrFilter.dataTCPFlags.u.tcpFlags.mask))) if (!(mask = virNWFilterPrintTCPFlags(rule->p.tcpHdrFilter.dataTCPFlags.u.tcpFlags.mask)))
return -1; return -1;
virFirewallRuleAddArg(fw, fwrule, flags); virFirewallRuleAddArg(fw, fwrule, mask);
VIR_FREE(flags);
if (!(flags = virNWFilterPrintTCPFlags(rule->p.tcpHdrFilter.dataTCPFlags.u.tcpFlags.flags))) if (!(flags = virNWFilterPrintTCPFlags(rule->p.tcpHdrFilter.dataTCPFlags.u.tcpFlags.flags)))
return -1; return -1;
virFirewallRuleAddArg(fw, fwrule, flags); virFirewallRuleAddArg(fw, fwrule, flags);
VIR_FREE(flags);
} }
if (iptablesHandlePortData(fw, fwrule, if (iptablesHandlePortData(fw, fwrule,
@ -1548,7 +1542,9 @@ iptablesCreateRuleInstanceStateCtrl(virFirewallPtr fw,
bool directionIn = false; bool directionIn = false;
char chainPrefix[2]; char chainPrefix[2];
bool maySkipICMP, inout = false; bool maySkipICMP, inout = false;
char *matchState = NULL; g_autofree char *matchState1 = NULL;
g_autofree char *matchState2 = NULL;
g_autofree char *matchState3 = NULL;
bool create; bool create;
if ((rule->tt == VIR_NWFILTER_RULE_DIRECTION_IN) || if ((rule->tt == VIR_NWFILTER_RULE_DIRECTION_IN) ||
@ -1562,7 +1558,6 @@ iptablesCreateRuleInstanceStateCtrl(virFirewallPtr fw,
maySkipICMP = directionIn || inout; maySkipICMP = directionIn || inout;
create = true; create = true;
matchState = NULL;
if (directionIn && !inout) { if (directionIn && !inout) {
if ((rule->flags & IPTABLES_STATE_FLAGS)) if ((rule->flags & IPTABLES_STATE_FLAGS))
@ -1570,7 +1565,7 @@ iptablesCreateRuleInstanceStateCtrl(virFirewallPtr fw,
} }
if (create && (rule->flags & IPTABLES_STATE_FLAGS)) { if (create && (rule->flags & IPTABLES_STATE_FLAGS)) {
if (printStateMatchFlags(rule->flags, &matchState) < 0) if (printStateMatchFlags(rule->flags, &matchState1) < 0)
return -1; return -1;
} }
@ -1583,11 +1578,10 @@ iptablesCreateRuleInstanceStateCtrl(virFirewallPtr fw,
rule, rule,
ifname, ifname,
vars, vars,
matchState, false, matchState1, false,
"RETURN", "RETURN",
maySkipICMP); maySkipICMP);
VIR_FREE(matchState);
if (rc < 0) if (rc < 0)
return rc; return rc;
} }
@ -1601,7 +1595,7 @@ iptablesCreateRuleInstanceStateCtrl(virFirewallPtr fw,
} }
if (create && (rule->flags & IPTABLES_STATE_FLAGS)) { if (create && (rule->flags & IPTABLES_STATE_FLAGS)) {
if (printStateMatchFlags(rule->flags, &matchState) < 0) if (printStateMatchFlags(rule->flags, &matchState2) < 0)
return -1; return -1;
} }
@ -1614,12 +1608,9 @@ iptablesCreateRuleInstanceStateCtrl(virFirewallPtr fw,
rule, rule,
ifname, ifname,
vars, vars,
matchState, false, matchState2, false,
"ACCEPT", "ACCEPT",
maySkipICMP); maySkipICMP);
VIR_FREE(matchState);
if (rc < 0) if (rc < 0)
return rc; return rc;
} }
@ -1633,7 +1624,7 @@ iptablesCreateRuleInstanceStateCtrl(virFirewallPtr fw,
create = false; create = false;
} else { } else {
if ((rule->flags & IPTABLES_STATE_FLAGS)) { if ((rule->flags & IPTABLES_STATE_FLAGS)) {
if (printStateMatchFlags(rule->flags, &matchState) < 0) if (printStateMatchFlags(rule->flags, &matchState3) < 0)
return -1; return -1;
} }
} }
@ -1648,10 +1639,9 @@ iptablesCreateRuleInstanceStateCtrl(virFirewallPtr fw,
rule, rule,
ifname, ifname,
vars, vars,
matchState, false, matchState3, false,
"RETURN", "RETURN",
maySkipICMP); maySkipICMP);
VIR_FREE(matchState);
} }
return rc; return rc;
@ -1797,7 +1787,6 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
const char *target; const char *target;
bool hasMask = false; bool hasMask = false;
virFirewallRulePtr fwrule; virFirewallRulePtr fwrule;
g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER;
if (STREQ(chainSuffix, if (STREQ(chainSuffix,
virNWFilterChainSuffixTypeToString( virNWFilterChainSuffixTypeToString(
@ -2320,7 +2309,8 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.dataICMPCodeStart) || HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.dataICMPCodeStart) ||
HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.dataICMPCodeEnd)) { HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.dataICMPCodeEnd)) {
bool lo = false; bool lo = false;
char *r; g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER;
g_autofree char *r = NULL;
virFirewallRuleAddArg(fw, fwrule, virFirewallRuleAddArg(fw, fwrule,
"--ip6-icmp-type"); "--ip6-icmp-type");
@ -2385,8 +2375,6 @@ ebtablesCreateRuleInstance(virFirewallPtr fw,
r = virBufferContentAndReset(&buf); r = virBufferContentAndReset(&buf);
virFirewallRuleAddArg(fw, fwrule, r); virFirewallRuleAddArg(fw, fwrule, r);
VIR_FREE(r);
} }
break; break;
@ -3295,9 +3283,8 @@ ebtablesGetSubChainInsts(virHashTablePtr chains,
ebtablesSubChainInstPtr **insts, ebtablesSubChainInstPtr **insts,
size_t *ninsts) size_t *ninsts)
{ {
virHashKeyValuePairPtr filter_names; g_autofree virHashKeyValuePairPtr filter_names = NULL;
size_t i; size_t i;
int ret = -1;
filter_names = virHashGetItems(chains, filter_names = virHashGetItems(chains,
ebiptablesFilterOrderSort); ebiptablesFilterOrderSort);
@ -3305,7 +3292,7 @@ ebtablesGetSubChainInsts(virHashTablePtr chains,
return -1; return -1;
for (i = 0; filter_names[i].key; i++) { for (i = 0; filter_names[i].key; i++) {
ebtablesSubChainInstPtr inst; g_autofree ebtablesSubChainInstPtr inst = NULL;
enum l3_proto_idx idx = ebtablesGetProtoIdxByFiltername( enum l3_proto_idx idx = ebtablesGetProtoIdxByFiltername(
filter_names[i].key); filter_names[i].key);
@ -3318,18 +3305,11 @@ ebtablesGetSubChainInsts(virHashTablePtr chains,
inst->protoidx = idx; inst->protoidx = idx;
inst->filtername = filter_names[i].key; inst->filtername = filter_names[i].key;
if (VIR_APPEND_ELEMENT(*insts, *ninsts, inst) < 0) { if (VIR_APPEND_ELEMENT(*insts, *ninsts, inst) < 0)
VIR_FREE(inst); return -1;
goto cleanup;
}
} }
ret = 0; return 0;
cleanup:
VIR_FREE(filter_names);
return ret;
} }
static int static int
@ -3339,12 +3319,12 @@ ebiptablesApplyNewRules(const char *ifname,
{ {
size_t i, j; size_t i, j;
g_autoptr(virFirewall) fw = virFirewallNew(); g_autoptr(virFirewall) fw = virFirewallNew();
virHashTablePtr chains_in_set = virHashCreate(10, NULL); g_autoptr(virHashTable) chains_in_set = virHashCreate(10, NULL);
virHashTablePtr chains_out_set = virHashCreate(10, NULL); g_autoptr(virHashTable) chains_out_set = virHashCreate(10, NULL);
bool haveEbtables = false; bool haveEbtables = false;
bool haveIptables = false; bool haveIptables = false;
bool haveIp6tables = false; bool haveIp6tables = false;
ebtablesSubChainInstPtr *subchains = NULL; g_autofree ebtablesSubChainInstPtr *subchains = NULL;
size_t nsubchains = 0; size_t nsubchains = 0;
int ret = -1; int ret = -1;
@ -3538,9 +3518,6 @@ ebiptablesApplyNewRules(const char *ifname,
cleanup: cleanup:
for (i = 0; i < nsubchains; i++) for (i = 0; i < nsubchains; i++)
VIR_FREE(subchains[i]); VIR_FREE(subchains[i]);
VIR_FREE(subchains);
virHashFree(chains_in_set);
virHashFree(chains_out_set);
return ret; return ret;
} }

15
src/nwfilter/nwfilter_gentech_driver.c
View File

@ -415,7 +415,6 @@ virNWFilterDetermineMissingVarsRec(virNWFilterDefPtr filter,
virNWFilterDefPtr next_filter; virNWFilterDefPtr next_filter;
virNWFilterDefPtr newNext_filter; virNWFilterDefPtr newNext_filter;
virNWFilterVarValuePtr val; virNWFilterVarValuePtr val;
virHashTablePtr tmpvars;
for (i = 0; i < filter->nentries; i++) { for (i = 0; i < filter->nentries; i++) {
virNWFilterRuleDefPtr rule = filter->filterEntries[i]->rule; virNWFilterRuleDefPtr rule = filter->filterEntries[i]->rule;
@ -425,18 +424,16 @@ virNWFilterDetermineMissingVarsRec(virNWFilterDefPtr filter,
for (j = 0; j < rule->nVarAccess; j++) { for (j = 0; j < rule->nVarAccess; j++) {
if (!virNWFilterVarAccessIsAvailable(rule->varAccess[j], if (!virNWFilterVarAccessIsAvailable(rule->varAccess[j],
vars)) { vars)) {
char *varAccess; g_autofree char *varAccess = NULL;
g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER; g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER;
virNWFilterVarAccessPrint(rule->varAccess[j], &buf); virNWFilterVarAccessPrint(rule->varAccess[j], &buf);
val = virNWFilterVarValueCreateSimpleCopyValue("1"); if (!(val = virNWFilterVarValueCreateSimpleCopyValue("1")))
if (!val)
return -1; return -1;
varAccess = virBufferContentAndReset(&buf); varAccess = virBufferContentAndReset(&buf);
rc = virHashUpdateEntry(missing_vars, varAccess, val); rc = virHashUpdateEntry(missing_vars, varAccess, val);
VIR_FREE(varAccess);
if (rc < 0) { if (rc < 0) {
virNWFilterVarValueFree(val); virNWFilterVarValueFree(val);
return -1; return -1;
@ -444,6 +441,8 @@ virNWFilterDetermineMissingVarsRec(virNWFilterDefPtr filter,
} }
} }
} else if (inc) { } else if (inc) {
g_autoptr(virHashTable) tmpvars = NULL;
VIR_DEBUG("Following filter %s", inc->filterref); VIR_DEBUG("Following filter %s", inc->filterref);
if (!(obj = virNWFilterObjListFindInstantiateFilter(driver->nwfilters, if (!(obj = virNWFilterObjListFindInstantiateFilter(driver->nwfilters,
inc->filterref))) inc->filterref)))
@ -472,9 +471,6 @@ virNWFilterDetermineMissingVarsRec(virNWFilterDefPtr filter,
missing_vars, missing_vars,
useNewFilter, useNewFilter,
driver); driver);
virHashFree(tmpvars);
virNWFilterObjUnlock(obj); virNWFilterObjUnlock(obj);
if (rc < 0) if (rc < 0)
return -1; return -1;
@ -515,7 +511,7 @@ virNWFilterDoInstantiate(virNWFilterTechDriverPtr techdriver,
int rc; int rc;
virNWFilterInst inst; virNWFilterInst inst;
bool instantiate = true; bool instantiate = true;
char *buf; g_autofree char *buf = NULL;
virNWFilterVarValuePtr lv; virNWFilterVarValuePtr lv;
const char *learning; const char *learning;
bool reportIP = false; bool reportIP = false;
@ -635,7 +631,6 @@ virNWFilterDoInstantiate(virNWFilterTechDriverPtr techdriver,
virReportError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("Cannot instantiate filter due to unresolvable " _("Cannot instantiate filter due to unresolvable "
"variables or unavailable list elements: %s"), buf); "variables or unavailable list elements: %s"), buf);
VIR_FREE(buf);
} }
rc = -1; rc = -1;

7
src/nwfilter/nwfilter_learnipaddr.c
View File

@ -397,7 +397,7 @@ learnIPAddressThread(void *arg)
int dhcp_opts_len; int dhcp_opts_len;
char macaddr[VIR_MAC_STRING_BUFLEN]; char macaddr[VIR_MAC_STRING_BUFLEN];
g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER; g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER;
char *filter = NULL; g_autofree char *filter = NULL;
uint16_t etherType; uint16_t etherType;
bool showError = true; bool showError = true;
enum howDetect howDetected = 0; enum howDetect howDetected = 0;
@ -622,8 +622,6 @@ learnIPAddressThread(void *arg)
} /* while */ } /* while */
cleanup: cleanup:
VIR_FREE(filter);
if (handle) if (handle)
pcap_close(handle); pcap_close(handle);
@ -633,7 +631,7 @@ learnIPAddressThread(void *arg)
sa.len = sizeof(sa.data.inet4); sa.len = sizeof(sa.data.inet4);
sa.data.inet4.sin_family = AF_INET; sa.data.inet4.sin_family = AF_INET;
sa.data.inet4.sin_addr.s_addr = vmaddr; sa.data.inet4.sin_addr.s_addr = vmaddr;
char *inetaddr; g_autofree char *inetaddr = NULL;
/* It is necessary to unlock interface here to avoid updateMutex and /* It is necessary to unlock interface here to avoid updateMutex and
* interface ordering deadlocks. Otherwise we are going to * interface ordering deadlocks. Otherwise we are going to
@ -656,7 +654,6 @@ learnIPAddressThread(void *arg)
req->ifindex); req->ifindex);
VIR_DEBUG("Result from applying firewall rules on " VIR_DEBUG("Result from applying firewall rules on "
"%s with IP addr %s : %d", req->binding->portdevname, inetaddr, ret); "%s with IP addr %s : %d", req->binding->portdevname, inetaddr, ret);
VIR_FREE(inetaddr);
} }
} else { } else {
if (showError) if (showError)