diff options
| author | Stefan Hajnoczi <stefanha@redhat.com> | 2014-06-22 10:38:37 +0800 |
|---|---|---|
| committer | Michael S. Tsirkin <mst@redhat.com> | 2014-06-23 17:38:00 +0300 |
| commit | d2fc39b4208709db95b6825c0e1b00ce6fbf0ecc (patch) | |
| tree | ec00af1ce4c8ef8f159249a2ecedd19d945aee5d | |
| parent | 4f8586144161d5e680fdef3e09b7e8e9111c2929 (diff) | |
| download | focaccia-qemu-d2fc39b4208709db95b6825c0e1b00ce6fbf0ecc.tar.gz focaccia-qemu-d2fc39b4208709db95b6825c0e1b00ce6fbf0ecc.zip | |
qemu-char: avoid leaking unused fds in tcp_get_msgfds()
Commit c76bf6bb8fbbb233a7d3641e09229d23747d5ee3 ("Add chardev API
qemu_chr_fe_get_msgfds") extended the get_msgfds API from one to
multiple file descriptors. It forgot to close unused file descriptors
before freeing the file descriptor array.
This patch prevents a file descriptor leak if the tcp_get_msgfds()
callers requests fewer file descriptors than are available.
Cc: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
| -rw-r--r-- | qemu-char.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/qemu-char.c b/qemu-char.c index d9100a2201..e6cbafb09c 100644 --- a/qemu-char.c +++ b/qemu-char.c @@ -2481,8 +2481,15 @@ static int tcp_get_msgfds(CharDriverState *chr, int *fds, int num) int to_copy = (s->read_msgfds_num < num) ? s->read_msgfds_num : num; if (to_copy) { + int i; + memcpy(fds, s->read_msgfds, to_copy * sizeof(int)); + /* Close unused fds */ + for (i = to_copy; i < s->read_msgfds_num; i++) { + close(s->read_msgfds[i]); + } + g_free(s->read_msgfds); s->read_msgfds = 0; s->read_msgfds_num = 0; |