aboutsummaryrefslogtreecommitdiff
path: root/qobject
diff options
context:
space:
mode:
authorEric Blake <eblake@redhat.com>2016-05-31 10:41:30 -0600
committerMarkus Armbruster <armbru@redhat.com>2016-06-30 15:28:54 +0200
commitdb486cc334aafd3dbdaf107388e37fc3d6d3e171 (patch)
treedb880cdb64cbf963265e18b9995c7c1a50429c14 /qobject
parent7c47959d0cb05db43014141a156ada0b6d53a750 (diff)
downloadqemu-db486cc334aafd3dbdaf107388e37fc3d6d3e171.zip
qemu-db486cc334aafd3dbdaf107388e37fc3d6d3e171.tar.gz
qemu-db486cc334aafd3dbdaf107388e37fc3d6d3e171.tar.bz2
qapi: Fix memleak in string visitors on int lists
Commit 7f8f9ef1 introduced the ability to store a list of integers as a sorted list of ranges, but when merging ranges, it leaks one or more ranges. It was also using range_get_last() incorrectly within range_compare() (a range is a start/end pair, but range_get_last() is for start/len pairs), and will also mishandle a range ending in UINT64_MAX (remember, we document that no range covers 2**64 bytes, but that ranges that end on UINT64_MAX have end < begin). The whole merge algorithm was rather complex, and included unnecessary passes over data within glib functions, and enough indirection to make it hard to easily plug the data leaks. Since we are already hard-coding things to a list of ranges, just rewrite the thing to open-code the traversal and comparisons, by making the range_compare() helper function give us an answer that is easier to use, at which point we avoid the need to pass any callbacks to g_list_*(). Then by reusing range_extend() instead of duplicating effort with range_merge(), we cover the corner cases correctly. Drop the now-unused range_merge() and ranges_can_merge(). Doing this lets test-string-{input,output}-visitor pass under valgrind without leaks. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1464712890-14262-4-git-send-email-eblake@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> [Comment hoisted out of loop] Signed-off-by: Markus Armbruster <armbru@redhat.com>
Diffstat (limited to 'qobject')
0 files changed, 0 insertions, 0 deletions