From faa9eb177c4495e95483c893a0ef871e3749a730 Mon Sep 17 00:00:00 2001 From: Mathieu Desnoyers Date: Thu, 13 Nov 2014 17:18:16 -0500 Subject: [PATCH] Fix: filter bytecode and string memory leak on error MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Mathieu Desnoyers Signed-off-by: Jérémie Galarneau --- src/bin/lttng-sessiond/cmd.c | 11 +++++++++++ src/bin/lttng-sessiond/event.c | 12 ++++++++++++ src/bin/lttng-sessiond/kernel.c | 1 + src/bin/lttng-sessiond/main.c | 4 ++++ src/bin/lttng-sessiond/trace-ust.c | 4 ++++ 5 files changed, 32 insertions(+) diff --git a/src/bin/lttng-sessiond/cmd.c b/src/bin/lttng-sessiond/cmd.c index d40b58c36..ccc5ba775 100644 --- a/src/bin/lttng-sessiond/cmd.c +++ b/src/bin/lttng-sessiond/cmd.c @@ -1384,6 +1384,7 @@ end: /* * Command LTTNG_ENABLE_EVENT processed by the client thread. + * We own filter, exclusion, and filter_expression. */ int cmd_enable_event(struct ltt_session *session, struct lttng_domain *domain, char *channel_name, struct lttng_event *event, @@ -1535,6 +1536,10 @@ int cmd_enable_event(struct ltt_session *session, struct lttng_domain *domain, /* At this point, the session and channel exist on the tracer */ ret = event_ust_enable_tracepoint(usess, uchan, event, filter_expression, filter, exclusion); + /* We have passed ownership */ + filter_expression = NULL; + filter = NULL; + exclusion = NULL; if (ret != LTTNG_OK) { goto error; } @@ -1589,6 +1594,9 @@ int cmd_enable_event(struct ltt_session *session, struct lttng_domain *domain, ret = cmd_enable_event(session, &tmp_dom, (char *) default_chan_name, &uevent, filter_expression, filter, NULL, wpipe); + /* We have passed ownership */ + filter_expression = NULL; + filter = NULL; if (ret != LTTNG_OK && ret != LTTNG_ERR_UST_EVENT_ENABLED) { goto error; } @@ -1618,6 +1626,9 @@ int cmd_enable_event(struct ltt_session *session, struct lttng_domain *domain, ret = LTTNG_OK; error: + free(filter_expression); + free(filter); + free(exclusion); rcu_read_unlock(); return ret; } diff --git a/src/bin/lttng-sessiond/event.c b/src/bin/lttng-sessiond/event.c index 099cbd18d..a7d437e8a 100644 --- a/src/bin/lttng-sessiond/event.c +++ b/src/bin/lttng-sessiond/event.c @@ -180,6 +180,7 @@ int event_kernel_disable_all(struct ltt_kernel_channel *kchan) /* * Enable kernel tracepoint event for a channel from the kernel session. + * We own filter_expression and filter. */ int event_kernel_enable_tracepoint(struct ltt_kernel_channel *kchan, struct lttng_event *event) @@ -407,6 +408,7 @@ error: /* * Enable UST tracepoint event for a channel from a UST session. + * We own filter_expression, filter, and exclusion. */ int event_ust_enable_tracepoint(struct ltt_ust_session *usess, struct ltt_ust_channel *uchan, struct lttng_event *event, @@ -428,6 +430,10 @@ int event_ust_enable_tracepoint(struct ltt_ust_session *usess, if (uevent == NULL) { uevent = trace_ust_create_event(event, filter_expression, filter, exclusion); + /* We have passed ownership */ + filter_expression = NULL; + filter = NULL; + exclusion = NULL; if (uevent == NULL) { ret = LTTNG_ERR_UST_ENABLE_FAIL; goto error; @@ -475,6 +481,9 @@ int event_ust_enable_tracepoint(struct ltt_ust_session *usess, end: rcu_read_unlock(); + free(filter_expression); + free(filter); + free(exclusion); return ret; error: @@ -490,6 +499,9 @@ error: trace_ust_destroy_event(uevent); } rcu_read_unlock(); + free(filter_expression); + free(filter); + free(exclusion); return ret; } diff --git a/src/bin/lttng-sessiond/kernel.c b/src/bin/lttng-sessiond/kernel.c index 00bfbbc2b..a9151f4d6 100644 --- a/src/bin/lttng-sessiond/kernel.c +++ b/src/bin/lttng-sessiond/kernel.c @@ -173,6 +173,7 @@ error: /* * Create a kernel event, enable it to the kernel tracer and add it to the * channel event list of the kernel session. + * We own filter_expression and filter. */ int kernel_create_event(struct lttng_event *ev, struct ltt_kernel_channel *channel) diff --git a/src/bin/lttng-sessiond/main.c b/src/bin/lttng-sessiond/main.c index 977f131c0..cec2cd083 100644 --- a/src/bin/lttng-sessiond/main.c +++ b/src/bin/lttng-sessiond/main.c @@ -3212,12 +3212,14 @@ skip_domain: if (bytecode_len > LTTNG_FILTER_MAX_LEN) { ret = LTTNG_ERR_FILTER_INVAL; + free(filter_expression); free(exclusion); goto error; } bytecode = zmalloc(bytecode_len); if (!bytecode) { + free(filter_expression); free(exclusion); ret = LTTNG_ERR_FILTER_NOMEM; goto error; @@ -3229,6 +3231,7 @@ skip_domain: if (ret <= 0) { DBG("Nothing recv() from client car len data... continuing"); *sock_error = 1; + free(filter_expression); free(bytecode); free(exclusion); ret = LTTNG_ERR_FILTER_INVAL; @@ -3236,6 +3239,7 @@ skip_domain: } if ((bytecode->len + sizeof(*bytecode)) != bytecode_len) { + free(filter_expression); free(bytecode); free(exclusion); ret = LTTNG_ERR_FILTER_INVAL; diff --git a/src/bin/lttng-sessiond/trace-ust.c b/src/bin/lttng-sessiond/trace-ust.c index a804fb6b8..999f0dfc2 100644 --- a/src/bin/lttng-sessiond/trace-ust.c +++ b/src/bin/lttng-sessiond/trace-ust.c @@ -365,6 +365,7 @@ error: /* * Allocate and initialize a ust event. Set name and event type. + * We own filter_expression, filter, and exclusion. * * Return pointer to structure or NULL. */ @@ -445,6 +446,9 @@ struct ltt_ust_event *trace_ust_create_event(struct lttng_event *ev, error_free_event: free(lue); error: + free(filter_expression); + free(filter); + free(exclusion); return NULL; } -- 2.34.1