From 5af40280abf6f969256e044e106f524a2a0df16d Mon Sep 17 00:00:00 2001 From: Christian Babeux Date: Thu, 28 Feb 2013 15:48:24 -0500 Subject: [PATCH] Fix: Memory leak on error paths of relay_add_stream On error paths the memory allocated for stream is never freed. Also, fix undefined behavior on asprintf alloc failure. According to asprintf(3), the content of the pointer passed to it is undefined if an alloc failure occurs, so we could end up freeing a pointer in an undefined state. Force its value to NULL. Signed-off-by: Christian Babeux Signed-off-by: David Goulet --- src/bin/lttng-relayd/main.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/bin/lttng-relayd/main.c b/src/bin/lttng-relayd/main.c index 4f9d74274..00b7ea308 100644 --- a/src/bin/lttng-relayd/main.c +++ b/src/bin/lttng-relayd/main.c @@ -941,6 +941,7 @@ int relay_add_stream(struct lttcomm_relayd_hdr *recv_hdr, ret = asprintf(&path, "%s/%s", root_path, stream_info.channel_name); if (ret < 0) { PERROR("asprintf stream path"); + path = NULL; goto end; } @@ -963,13 +964,17 @@ int relay_add_stream(struct lttcomm_relayd_hdr *recv_hdr, end: free(path); free(root_path); + + reply.handle = htobe64(stream->stream_handle); /* send the session id to the client or a negative return code on error */ if (ret < 0) { reply.ret_code = htobe32(LTTNG_ERR_UNK); + /* stream was not properly added to the ht, so free it */ + free(stream); } else { reply.ret_code = htobe32(LTTNG_OK); } - reply.handle = htobe64(stream->stream_handle); + send_ret = cmd->sock->ops->sendmsg(cmd->sock, &reply, sizeof(struct lttcomm_relayd_status_stream), 0); if (send_ret < 0) { -- 2.34.1