From: Jérémie Galarneau Date: Sat, 6 Apr 2019 19:16:38 +0000 (-0400) Subject: Fix: command reply message is leaked for variable-len replies X-Git-Tag: v2.12.0-rc1~624 X-Git-Url: https://git.lttng.org./?a=commitdiff_plain;h=99a98ed3b86b74dacba885e5de33ff67bf412af0;p=lttng-tools.git Fix: command reply message is leaked for variable-len replies Commands which return a variable-length payload re-setup the command context using setup_lttng_msg() (and its wrappers). In doing so, the lttcomm_lttng_msg structure (plus its trailing variable-length payload) are re-allocated. However, the previous instance of lttcomm_lttng_msg is leaked. This is solved by free()-ing the original lttcomm_lttng_msg when setup_lttng_msg() is used. When it is only used once, a NULL pointer will be free'd without any effect. Signed-off-by: Jérémie Galarneau --- diff --git a/src/bin/lttng-sessiond/client.c b/src/bin/lttng-sessiond/client.c index a889529a7..fb50b3cc6 100644 --- a/src/bin/lttng-sessiond/client.c +++ b/src/bin/lttng-sessiond/client.c @@ -81,6 +81,7 @@ static int setup_lttng_msg(struct command_ctx *cmd_ctx, const size_t payload_offset = cmd_header_offset + cmd_header_len; const size_t total_msg_size = header_len + cmd_header_len + payload_len; + free(cmd_ctx->llm); cmd_ctx->llm = zmalloc(total_msg_size); if (cmd_ctx->llm == NULL) {