diff options
author | Markus Armbruster <armbru@redhat.com> | 2011-11-11 10:40:05 +0100 |
---|---|---|
committer | Anthony Liguori <aliguori@us.ibm.com> | 2011-11-11 12:49:51 -0600 |
commit | a4e26048526d8d5b181f9a0a7d4f82b8441c5dfd (patch) | |
tree | 35f54063c1c29b232eeb12816a80dec0d324e06e | |
parent | 1299c63168e9f3d47b681b8c505d39f577ddd253 (diff) |
qemu-char: Plug memory leak on qemu_chr_open_pty() error path
Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
-rw-r--r-- | qemu-char.c | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/qemu-char.c b/qemu-char.c index 9fd94d1bb4..b562bf88a7 100644 --- a/qemu-char.c +++ b/qemu-char.c @@ -985,7 +985,7 @@ static int qemu_chr_open_pty(QemuOpts *opts, CharDriverState **_chr) CharDriverState *chr; PtyCharDriver *s; struct termios tty; - int slave_fd, len; + int master_fd, slave_fd, len; #if defined(__OpenBSD__) || defined(__DragonFly__) char pty_name[PATH_MAX]; #define q_ptsname(x) pty_name @@ -994,10 +994,7 @@ static int qemu_chr_open_pty(QemuOpts *opts, CharDriverState **_chr) #define q_ptsname(x) ptsname(x) #endif - chr = g_malloc0(sizeof(CharDriverState)); - s = g_malloc0(sizeof(PtyCharDriver)); - - if (openpty(&s->fd, &slave_fd, pty_name, NULL, NULL) < 0) { + if (openpty(&master_fd, &slave_fd, pty_name, NULL, NULL) < 0) { return -errno; } @@ -1007,17 +1004,21 @@ static int qemu_chr_open_pty(QemuOpts *opts, CharDriverState **_chr) tcsetattr(slave_fd, TCSAFLUSH, &tty); close(slave_fd); - len = strlen(q_ptsname(s->fd)) + 5; + chr = g_malloc0(sizeof(CharDriverState)); + + len = strlen(q_ptsname(master_fd)) + 5; chr->filename = g_malloc(len); - snprintf(chr->filename, len, "pty:%s", q_ptsname(s->fd)); - qemu_opt_set(opts, "path", q_ptsname(s->fd)); - fprintf(stderr, "char device redirected to %s\n", q_ptsname(s->fd)); + snprintf(chr->filename, len, "pty:%s", q_ptsname(master_fd)); + qemu_opt_set(opts, "path", q_ptsname(master_fd)); + fprintf(stderr, "char device redirected to %s\n", q_ptsname(master_fd)); + s = g_malloc0(sizeof(PtyCharDriver)); chr->opaque = s; chr->chr_write = pty_chr_write; chr->chr_update_read_handler = pty_chr_update_read_handler; chr->chr_close = pty_chr_close; + s->fd = master_fd; s->timer = qemu_new_timer_ms(rt_clock, pty_chr_timer, chr); *_chr = chr; |