From: David Gibson <david@gibson.dropbear.id.au>
To: peter.maydell@linaro.org
Cc: lvivier@redhat.com, aik@ozlabs.ru, qemu-devel@nongnu.org,
groug@kaod.org, qemu-ppc@nongnu.org, clg@kaod.org,
David Gibson <david@gibson.dropbear.id.au>
Subject: [PULL 17/53] spapr: Fixes a leak in CAS
Date: Fri, 4 Oct 2019 19:37:11 +1000 [thread overview]
Message-ID: <20191004093747.31350-18-david@gibson.dropbear.id.au> (raw)
In-Reply-To: <20191004093747.31350-1-david@gibson.dropbear.id.au>
From: Alexey Kardashevskiy <aik@ozlabs.ru>
Add a missing g_free(fdt) if the resulting tree is bigger
than the space allocated by SLOF.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
---
hw/ppc/spapr.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index 7c3a443776..c69c034183 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -1026,6 +1026,7 @@ int spapr_h_cas_compose_response(SpaprMachineState *spapr,
_FDT((fdt_pack(fdt)));
if (fdt_totalsize(fdt) + sizeof(hdr) > size) {
+ g_free(fdt);
trace_spapr_cas_failed(size);
return -1;
}
--
2.21.0
next prev parent reply other threads:[~2019-10-04 9:55 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-04 9:36 [PULL 00/53] ppc-for-4.2 queue 20191004 David Gibson
2019-10-04 9:36 ` [PULL 01/53] pseries: do not allow memory-less/cpu-less NUMA node David Gibson
2019-10-04 9:36 ` [PULL 02/53] ppc/pnv: fix "bmc" node name in DT David Gibson
2019-10-04 9:36 ` [PULL 03/53] spapr-tpm-proxy: Drop misleading check David Gibson
2019-10-04 9:36 ` [PULL 04/53] hw/ppc/pnv: fix checkpatch.pl coding style warnings David Gibson
2019-10-04 9:36 ` [PULL 05/53] spapr: Report kvm_irqchip_in_kernel() in 'info pic' David Gibson
2019-10-04 9:37 ` [PULL 06/53] hw/ppc/pnv_xscom: retrieve homer/occ base address from PBA BARs David Gibson
2019-10-04 9:37 ` [PULL 07/53] hw/ppc/pnv_occ: add sram device model for occ common area David Gibson
2019-10-04 9:37 ` [PULL 08/53] hw/ppc/pnv_homer: add PowerNV homer device model David Gibson
2019-10-04 9:37 ` [PULL 09/53] spapr/irq: Introduce an ics_irq_free() helper David Gibson
2019-10-04 9:37 ` [PULL 10/53] spapr/irq: Only claim VALID interrupts at the KVM level David Gibson
2019-10-04 9:37 ` [PULL 11/53] ppc: Add support for 'mffscrn','mffscrni' instructions David Gibson
2019-10-04 9:37 ` [PULL 12/53] ppc: Add support for 'mffsce' instruction David Gibson
2019-10-04 9:37 ` [PULL 13/53] ppc: Use FPSCR defines instead of constants David Gibson
2019-10-04 9:37 ` [PULL 14/53] ppc/kvm: Skip writing DPDES back when in run time state David Gibson
2019-10-04 9:37 ` [PULL 15/53] spapr: Simplify handling of pre ISA 3.0 guest workaround handling David Gibson
2019-10-04 9:37 ` [PULL 16/53] spapr: Move handling of special NVLink numa node from reset to init David Gibson
2019-10-04 9:37 ` David Gibson [this message]
2019-10-04 9:37 ` [PULL 18/53] spapr: Skip leading zeroes from memory@ DT node names David Gibson
2019-10-04 9:37 ` [PULL 19/53] spapr: Do not put empty properties for -kernel/-initrd/-append David Gibson
2019-10-04 9:37 ` [PULL 20/53] spapr: Stop providing RTAS blob David Gibson
2019-10-04 9:37 ` [PULL 21/53] pseries: Update SLOF firmware image David Gibson
2019-10-04 9:37 ` [PULL 22/53] target/ppc: introduce get_dfp{64, 128}() helper functions David Gibson
2019-10-04 9:37 ` [PULL 23/53] target/ppc: introduce set_dfp{64, " David Gibson
2019-10-04 9:37 ` [PULL 24/53] target/ppc: update {get, set}_dfp{64, 128}() helper functions to read/write DFP numbers correctly David Gibson
2019-10-04 9:37 ` [PULL 25/53] target/ppc: introduce dfp_finalize_decimal{64, 128}() helper functions David Gibson
2019-10-04 9:37 ` [PULL 26/53] target/ppc: change struct PPC_DFP decimal storage from uint64[2] to ppc_vsr_t David Gibson
2019-10-04 9:37 ` [PULL 27/53] target/ppc: use existing VsrD() macro to eliminate HI_IDX and LO_IDX from dfp_helper.c David Gibson
2019-10-04 9:37 ` [PULL 28/53] target/ppc: remove unnecessary if() around calls to set_dfp{64, 128}() in DFP macros David Gibson
2019-10-04 9:37 ` [PULL 29/53] spapr-pci: Stop providing assigned-addresses David Gibson
2019-10-04 9:37 ` [PULL 30/53] spapr: Render full FDT on ibm, client-architecture-support David Gibson
2019-12-03 16:11 ` [PULL 30/53] spapr: Render full FDT on ibm,client-architecture-support Laurent Vivier
2019-10-04 9:37 ` [PULL 31/53] target/ppc: use Vsr macros in BCD helpers David Gibson
2019-10-04 9:37 ` [PULL 32/53] spapr/xive: skip partially initialized vCPUs in presenter David Gibson
2019-10-04 9:37 ` [PULL 33/53] xics: Minor fixes for XICSFabric interface David Gibson
2019-10-04 9:37 ` [PULL 34/53] xics: Eliminate 'reject', 'resend' and 'eoi' class hooks David Gibson
2019-10-04 9:37 ` [PULL 35/53] xics: Rename misleading ics_simple_*() functions David Gibson
2019-10-04 9:37 ` [PULL 36/53] xics: Eliminate reset hook David Gibson
2019-10-04 9:37 ` [PULL 37/53] xics: Merge TYPE_ICS_BASE and TYPE_ICS_SIMPLE classes David Gibson
2019-10-04 9:37 ` [PULL 38/53] xics: Create sPAPR specific ICS subtype David Gibson
2019-10-04 9:37 ` [PULL 39/53] spapr: Fold spapr_phb_lsi_qirq() into its single caller David Gibson
2019-10-04 9:37 ` [PULL 40/53] spapr: Replace spapr_vio_qirq() helper with spapr_vio_irq_pulse() helper David Gibson
2019-10-04 9:37 ` [PULL 41/53] spapr: Clarify and fix handling of nr_irqs David Gibson
2019-10-04 9:37 ` [PULL 42/53] spapr: Eliminate nr_irqs parameter to SpaprIrq::init David Gibson
2019-10-04 9:37 ` [PULL 43/53] spapr: Fix indexing of XICS irqs David Gibson
2019-10-04 9:37 ` [PULL 44/53] spapr: Simplify spapr_qirq() handling David Gibson
2019-10-04 9:37 ` [PULL 45/53] spapr: Eliminate SpaprIrq:get_nodename method David Gibson
2019-10-04 9:37 ` [PULL 46/53] spapr: Remove unhelpful tracepoints from spapr_irq_free_xics() David Gibson
2019-10-04 9:37 ` [PULL 47/53] spapr: Handle freeing of multiple irqs in frontend only David Gibson
2019-10-04 9:37 ` [PULL 48/53] spapr, xics, xive: Better use of assert()s on irq claim/free paths David Gibson
2019-10-04 9:37 ` [PULL 49/53] xive: Improve irq claim/free path David Gibson
2019-10-04 9:37 ` [PULL 50/53] spapr: Use less cryptic representation of which irq backends are supported David Gibson
2019-10-04 9:37 ` [PULL 51/53] spapr: Add return value to spapr_irq_check() David Gibson
2019-10-04 9:37 ` [PULL 52/53] spapr: Eliminate SpaprIrq::init hook David Gibson
2019-10-04 9:37 ` [PULL 53/53] ppc/pnv: Remove the XICSFabric Interface from the POWER9 machine David Gibson
2019-10-07 14:40 ` [PULL 00/53] ppc-for-4.2 queue 20191004 Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191004093747.31350-18-david@gibson.dropbear.id.au \
--to=david@gibson.dropbear.id.au \
--cc=aik@ozlabs.ru \
--cc=clg@kaod.org \
--cc=groug@kaod.org \
--cc=lvivier@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=qemu-ppc@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).