From 7ea8750c0d12bbfb4fbce85b694e0849409a0459 Mon Sep 17 00:00:00 2001 From: Mathieu Desnoyers Date: Thu, 13 Nov 2014 17:18:16 -0500 Subject: [PATCH] Fix: filter bytecode and string memory leak on error MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Mathieu Desnoyers Signed-off-by: Jérémie Galarneau --- src/bin/lttng-sessiond/cmd.c | 11 +++++++++++ src/bin/lttng-sessiond/event.c | 12 ++++++++++++ src/bin/lttng-sessiond/kernel.c | 1 + src/bin/lttng-sessiond/main.c | 4 ++++ src/bin/lttng-sessiond/trace-ust.c | 4 ++++ 5 files changed, 32 insertions(+) diff --git a/src/bin/lttng-sessiond/cmd.c b/src/bin/lttng-sessiond/cmd.c index 4a1af43a7..84de27770 100644 --- a/src/bin/lttng-sessiond/cmd.c +++ b/src/bin/lttng-sessiond/cmd.c @@ -1303,6 +1303,7 @@ error: /* * Command LTTNG_ENABLE_EVENT processed by the client thread. + * We own filter, exclusion, and filter_expression. */ int cmd_enable_event(struct ltt_session *session, struct lttng_domain *domain, char *channel_name, struct lttng_event *event, @@ -1424,6 +1425,10 @@ int cmd_enable_event(struct ltt_session *session, struct lttng_domain *domain, /* At this point, the session and channel exist on the tracer */ ret = event_ust_enable_tracepoint(usess, uchan, event, filter_expression, filter, exclusion); + /* We have passed ownership */ + filter_expression = NULL; + filter = NULL; + exclusion = NULL; if (ret != LTTNG_OK) { goto error; } @@ -1460,6 +1465,9 @@ int cmd_enable_event(struct ltt_session *session, struct lttng_domain *domain, ret = cmd_enable_event(session, &tmp_dom, DEFAULT_JUL_CHANNEL_NAME, &uevent, filter_expression, filter, NULL, wpipe); + /* We have passed ownership */ + filter_expression = NULL; + filter = NULL; if (ret != LTTNG_OK && ret != LTTNG_ERR_UST_EVENT_ENABLED) { goto error; } @@ -1489,6 +1497,9 @@ int cmd_enable_event(struct ltt_session *session, struct lttng_domain *domain, ret = LTTNG_OK; error: + free(filter_expression); + free(filter); + free(exclusion); rcu_read_unlock(); return ret; } diff --git a/src/bin/lttng-sessiond/event.c b/src/bin/lttng-sessiond/event.c index 280765a5f..dd212f521 100644 --- a/src/bin/lttng-sessiond/event.c +++ b/src/bin/lttng-sessiond/event.c @@ -153,6 +153,7 @@ int event_kernel_disable_all(struct ltt_kernel_channel *kchan) /* * Enable kernel tracepoint event for a channel from the kernel session. + * We own filter_expression and filter. */ int event_kernel_enable_tracepoint(struct ltt_kernel_channel *kchan, struct lttng_event *event) @@ -410,6 +411,7 @@ error: /* * Enable UST tracepoint event for a channel from a UST session. + * We own filter_expression, filter, and exclusion. */ int event_ust_enable_tracepoint(struct ltt_ust_session *usess, struct ltt_ust_channel *uchan, struct lttng_event *event, @@ -431,6 +433,10 @@ int event_ust_enable_tracepoint(struct ltt_ust_session *usess, if (uevent == NULL) { uevent = trace_ust_create_event(event, filter_expression, filter, exclusion); + /* We have passed ownership */ + filter_expression = NULL; + filter = NULL; + exclusion = NULL; if (uevent == NULL) { ret = LTTNG_ERR_UST_ENABLE_FAIL; goto error; @@ -478,6 +484,9 @@ int event_ust_enable_tracepoint(struct ltt_ust_session *usess, end: rcu_read_unlock(); + free(filter_expression); + free(filter); + free(exclusion); return ret; error: @@ -493,6 +502,9 @@ error: trace_ust_destroy_event(uevent); } rcu_read_unlock(); + free(filter_expression); + free(filter); + free(exclusion); return ret; } diff --git a/src/bin/lttng-sessiond/kernel.c b/src/bin/lttng-sessiond/kernel.c index 1fae30f0a..9134d4683 100644 --- a/src/bin/lttng-sessiond/kernel.c +++ b/src/bin/lttng-sessiond/kernel.c @@ -171,6 +171,7 @@ error: /* * Create a kernel event, enable it to the kernel tracer and add it to the * channel event list of the kernel session. + * We own filter_expression and filter. */ int kernel_create_event(struct lttng_event *ev, struct ltt_kernel_channel *channel) diff --git a/src/bin/lttng-sessiond/main.c b/src/bin/lttng-sessiond/main.c index 36c99cda1..db8fa6762 100644 --- a/src/bin/lttng-sessiond/main.c +++ b/src/bin/lttng-sessiond/main.c @@ -3209,12 +3209,14 @@ skip_domain: if (bytecode_len > LTTNG_FILTER_MAX_LEN) { ret = LTTNG_ERR_FILTER_INVAL; + free(filter_expression); free(exclusion); goto error; } bytecode = zmalloc(bytecode_len); if (!bytecode) { + free(filter_expression); free(exclusion); ret = LTTNG_ERR_FILTER_NOMEM; goto error; @@ -3226,6 +3228,7 @@ skip_domain: if (ret <= 0) { DBG("Nothing recv() from client car len data... continuing"); *sock_error = 1; + free(filter_expression); free(bytecode); free(exclusion); ret = LTTNG_ERR_FILTER_INVAL; @@ -3233,6 +3236,7 @@ skip_domain: } if ((bytecode->len + sizeof(*bytecode)) != bytecode_len) { + free(filter_expression); free(bytecode); free(exclusion); ret = LTTNG_ERR_FILTER_INVAL; diff --git a/src/bin/lttng-sessiond/trace-ust.c b/src/bin/lttng-sessiond/trace-ust.c index ddf5dc4ab..d06edcba3 100644 --- a/src/bin/lttng-sessiond/trace-ust.c +++ b/src/bin/lttng-sessiond/trace-ust.c @@ -336,6 +336,7 @@ error: /* * Allocate and initialize a ust event. Set name and event type. + * We own filter_expression, filter, and exclusion. * * Return pointer to structure or NULL. */ @@ -416,6 +417,9 @@ struct ltt_ust_event *trace_ust_create_event(struct lttng_event *ev, error_free_event: free(lue); error: + free(filter_expression); + free(filter); + free(exclusion); return NULL; } -- 2.34.1