From 6bf307865754d5324adb52a6c2bcfc0e53f07ffc Mon Sep 17 00:00:00 2001 From: "Daniel P. Berrange" Date: Wed, 25 Sep 2013 15:15:45 +0100 Subject: [PATCH] Fix leak of iterators in virDBusMessageIterEncode If virDBusMessageIterEncode hits an OOM condition it often leaks the memory associated with the dbus iterator object Signed-off-by: Daniel P. Berrange --- src/util/virdbus.c | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/src/util/virdbus.c b/src/util/virdbus.c index a2c4b4e42d..3bd339a9d7 100644 --- a/src/util/virdbus.c +++ b/src/util/virdbus.c @@ -601,8 +601,10 @@ virDBusMessageIterEncode(DBusMessageIter *rootiter, goto cleanup; if (virDBusTypeStackPush(&stack, &nstack, iter, types, - nstruct, narray) < 0) + nstruct, narray) < 0) { + VIR_FREE(newiter); goto cleanup; + } VIR_FREE(contsig); iter = newiter; newiter = NULL; @@ -625,8 +627,10 @@ virDBusMessageIterEncode(DBusMessageIter *rootiter, goto cleanup; if (virDBusTypeStackPush(&stack, &nstack, iter, types, - nstruct, narray) < 0) + nstruct, narray) < 0) { + VIR_FREE(newiter); goto cleanup; + } iter = newiter; newiter = NULL; types = vsig; @@ -657,8 +661,10 @@ virDBusMessageIterEncode(DBusMessageIter *rootiter, if (virDBusTypeStackPush(&stack, &nstack, iter, types, - nstruct, narray) < 0) + nstruct, narray) < 0) { + VIR_FREE(newiter); goto cleanup; + } VIR_FREE(contsig); iter = newiter; newiter = NULL; @@ -678,6 +684,17 @@ virDBusMessageIterEncode(DBusMessageIter *rootiter, ret = 0; cleanup: + while (nstack > 0) { + DBusMessageIter *thisiter = iter; + VIR_DEBUG("Popping iter=%p", iter); + ignore_value(virDBusTypeStackPop(&stack, &nstack, &iter, + &types, &nstruct, &narray)); + VIR_DEBUG("Popped iter=%p", iter); + + if (thisiter != rootiter) + VIR_FREE(thisiter); + } + virDBusTypeStackFree(&stack, &nstack); VIR_FREE(contsig); VIR_FREE(newiter); -- 2.47.2