libvirt/daemon
Eric Blake 117f60ca53 daemon: avoid memleak when ListAll returns nothing
Commit 4f25146 (v1.2.8) managed to silence Coverity, but at the
cost of a memory leak detected by valgrind:
==24129== 40 bytes in 5 blocks are definitely lost in loss record 355 of 637
==24129==    at 0x4A08B1C: realloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==24129==    by 0x5084B8E: virReallocN (viralloc.c:245)
==24129==    by 0x514D5AA: virDomainObjListExport (domain_conf.c:22200)
==24129==    by 0x201227DB: qemuConnectListAllDomains (qemu_driver.c:18042)
==24129==    by 0x51CC1B6: virConnectListAllDomains (libvirt-domain.c:6797)
==24129==    by 0x14173D: remoteDispatchConnectListAllDomains (remote.c:1580)
==24129==    by 0x121BE1: remoteDispatchConnectListAllDomainsHelper (remote_dispatch.h:1072)

In short, every time a client calls a ListAll variant and asks
for the resulting list, but there are 0 elements to return, we
end up leaking the 1-entry array that holds the NULL terminator.

What's worse, a read-only client can access these functions in a
tight loop to cause libvirtd to eventually run out of memory; and
this can be considered a denial of service attack against more
privileged clients.  Thankfully, the leak is so small (8 bytes per
call) that you would already have some other denial of service with
any guest calling the API that frequently, so an out-of-memory
crash is unlikely enough that this did not warrant a CVE.

* daemon/remote.c (remoteDispatchConnectListAllDomains)
(remoteDispatchDomainListAllSnapshots)
(remoteDispatchDomainSnapshotListAllChildren)
(remoteDispatchConnectListAllStoragePools)
(remoteDispatchStoragePoolListAllVolumes)
(remoteDispatchConnectListAllNetworks)
(remoteDispatchConnectListAllInterfaces)
(remoteDispatchConnectListAllNodeDevices)
(remoteDispatchConnectListAllNWFilters)
(remoteDispatchConnectListAllSecrets)
(remoteDispatchNetworkGetDHCPLeases): Plug leak.

Signed-off-by: Eric Blake <eblake@redhat.com>
(cherry picked from commit 3c2ff5029b)
2015-03-16 10:21:06 -06:00
..
libvirtd-config.c virconf: Introduce VIR_CONF_ULONG 2014-12-15 10:34:18 +01:00
libvirtd-config.h Remove global log buffer feature entirely 2014-03-18 14:29:22 +00:00
libvirtd.aug daemon: Introduce max_anonymous_clients 2014-03-17 17:45:13 +01:00
libvirtd.c daemon: Fix segfault by reloading daemon right after start 2015-02-18 17:51:54 +01:00
libvirtd.conf Fix a syntax error in the description text of libvirtd.conf 2015-02-12 09:24:10 -07:00
libvirtd.h qemu: wire up RPC for qemu monitor events 2014-03-20 11:25:37 -06:00
libvirtd.init.in virtlockd: improve initscripts 2013-12-10 12:02:37 +01:00
libvirtd.logrotate.in
libvirtd.lxc.logrotate.in
libvirtd.pod.in Properly handle -h / -V for --help/--version aliases in virtlockd/libvirtd 2013-08-13 14:06:01 +01:00
libvirtd.policy.in
libvirtd.qemu.logrotate.in
libvirtd.sasl daemon: Fix command example in libvirtd.sasl 2013-07-09 10:01:55 -04:00
libvirtd.service.in daemon: use socket activation with systemd 2014-08-22 09:12:14 +02:00
libvirtd.socket.in daemon: use socket activation with systemd 2014-08-22 09:12:14 +02:00
libvirtd.sysconf daemon: Enhance documentation for changing NOFILE limit 2014-03-20 10:55:44 +01:00
libvirtd.sysctl
libvirtd.uml.logrotate.in
libvirtd.upstart
Makefile.am Convert remote daemon & acl code to use polkit API 2014-09-24 15:29:22 +01:00
remote.c daemon: avoid memleak when ListAll returns nothing 2015-03-16 10:21:06 -06:00
remote.h
stream.c Replace virStreamFree with virObjectUnref 2014-12-02 11:03:41 -05:00
stream.h
test_libvirtd.aug.in daemon: Introduce max_anonymous_clients 2014-03-17 17:45:13 +01:00
THREADS.txt docs: fix usage of 'onto' 2013-04-19 14:31:16 -06:00