Fix: command reply message is leaked for variable-len replies

Commands which return a variable-length payload re-setup the
command context using setup_lttng_msg() (and its wrappers).

In doing so, the lttcomm_lttng_msg structure (plus its trailing
variable-length payload) are re-allocated. However, the previous
instance of lttcomm_lttng_msg is leaked.

This is solved by free()-ing the original lttcomm_lttng_msg when
setup_lttng_msg() is used. When it is only used once, a NULL
pointer will be free'd without any effect.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

diff --git a/src/bin/lttng-sessiond/client.c b/src/bin/lttng-sessiond/client.c
index a889529a76967f881c9c05159ccdb55300336f51..fb50b3cc614eaecdf4aacfa9acabb3ad88c1d604 100644 (file)
--- a/src/bin/lttng-sessiond/client.c
+++ b/src/bin/lttng-sessiond/client.c
@@ -81,6 +81,7 @@ static int setup_lttng_msg(struct command_ctx *cmd_ctx,
        const size_t payload_offset = cmd_header_offset + cmd_header_len;
        const size_t total_msg_size = header_len + cmd_header_len + payload_len;
 
+       free(cmd_ctx->llm);
        cmd_ctx->llm = zmalloc(total_msg_size);
 
        if (cmd_ctx->llm == NULL) {