aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarkus Armbruster <armbru@redhat.com>2011-11-11 10:40:05 +0100
committerAnthony Liguori <aliguori@us.ibm.com>2011-11-11 12:49:51 -0600
commita4e26048526d8d5b181f9a0a7d4f82b8441c5dfd (patch)
tree35f54063c1c29b232eeb12816a80dec0d324e06e
parent1299c63168e9f3d47b681b8c505d39f577ddd253 (diff)
downloadqemu-a4e26048526d8d5b181f9a0a7d4f82b8441c5dfd.zip
qemu-a4e26048526d8d5b181f9a0a7d4f82b8441c5dfd.tar.gz
qemu-a4e26048526d8d5b181f9a0a7d4f82b8441c5dfd.tar.bz2
qemu-char: Plug memory leak on qemu_chr_open_pty() error path
Spotted by Coverity. Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
-rw-r--r--qemu-char.c19
1 files changed, 10 insertions, 9 deletions
diff --git a/qemu-char.c b/qemu-char.c
index 9fd94d1..b562bf8 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -985,7 +985,7 @@ static int qemu_chr_open_pty(QemuOpts *opts, CharDriverState **_chr)
CharDriverState *chr;
PtyCharDriver *s;
struct termios tty;
- int slave_fd, len;
+ int master_fd, slave_fd, len;
#if defined(__OpenBSD__) || defined(__DragonFly__)
char pty_name[PATH_MAX];
#define q_ptsname(x) pty_name
@@ -994,10 +994,7 @@ static int qemu_chr_open_pty(QemuOpts *opts, CharDriverState **_chr)
#define q_ptsname(x) ptsname(x)
#endif
- chr = g_malloc0(sizeof(CharDriverState));
- s = g_malloc0(sizeof(PtyCharDriver));
-
- if (openpty(&s->fd, &slave_fd, pty_name, NULL, NULL) < 0) {
+ if (openpty(&master_fd, &slave_fd, pty_name, NULL, NULL) < 0) {
return -errno;
}
@@ -1007,17 +1004,21 @@ static int qemu_chr_open_pty(QemuOpts *opts, CharDriverState **_chr)
tcsetattr(slave_fd, TCSAFLUSH, &tty);
close(slave_fd);
- len = strlen(q_ptsname(s->fd)) + 5;
+ chr = g_malloc0(sizeof(CharDriverState));
+
+ len = strlen(q_ptsname(master_fd)) + 5;
chr->filename = g_malloc(len);
- snprintf(chr->filename, len, "pty:%s", q_ptsname(s->fd));
- qemu_opt_set(opts, "path", q_ptsname(s->fd));
- fprintf(stderr, "char device redirected to %s\n", q_ptsname(s->fd));
+ snprintf(chr->filename, len, "pty:%s", q_ptsname(master_fd));
+ qemu_opt_set(opts, "path", q_ptsname(master_fd));
+ fprintf(stderr, "char device redirected to %s\n", q_ptsname(master_fd));
+ s = g_malloc0(sizeof(PtyCharDriver));
chr->opaque = s;
chr->chr_write = pty_chr_write;
chr->chr_update_read_handler = pty_chr_update_read_handler;
chr->chr_close = pty_chr_close;
+ s->fd = master_fd;
s->timer = qemu_new_timer_ms(rt_clock, pty_chr_timer, chr);
*_chr = chr;