Fix: dereference on NULL pointer on allocation failure
authorJérémie Galarneau <jeremie.galarneau@efficios.com>
Mon, 14 Jan 2019 21:36:21 +0000 (16:36 -0500)
committerJérémie Galarneau <jeremie.galarneau@efficios.com>
Mon, 14 Jan 2019 22:56:28 +0000 (17:56 -0500)
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
src/bin/lttng-sessiond/agent-thread.c
src/bin/lttng-sessiond/health.c
src/bin/lttng-sessiond/manage-apps.c
src/bin/lttng-sessiond/manage-consumer.c
src/bin/lttng-sessiond/manage-kernel.c
src/bin/lttng-sessiond/notify-apps.c
src/bin/lttng-sessiond/register.c
src/bin/lttng-sessiond/thread.c

index 3ee383389d5e35927b9787e221fc3e51a0cf2b03..f7be1ef71f0bf809fad7ba50ee72faf82ed5de85 100644 (file)
@@ -504,7 +504,7 @@ bool launch_agent_management_thread(void)
 
        notifiers = zmalloc(sizeof(*notifiers));
        if (!notifiers) {
-               goto error;
+               goto error_alloc;
        }
 
        sem_init(&notifiers->ready, 0, 0);
@@ -525,5 +525,6 @@ bool launch_agent_management_thread(void)
        return true;
 error:
        cleanup_agent_management_thread(notifiers);
+error_alloc:
        return false;
 }
index e8c42e4bd7fa6f2b8b7394e9af43461be4b26fb4..921b45261846cb79d62b71d13503478ce10d240c 100644 (file)
@@ -265,7 +265,7 @@ bool launch_health_management_thread(void)
 
        notifiers = zmalloc(sizeof(*notifiers));
        if (!notifiers) {
-               goto error;
+               goto error_alloc;
        }
 
        sem_init(&notifiers->ready, 0, 0);
@@ -287,5 +287,6 @@ bool launch_health_management_thread(void)
        return true;
 error:
        cleanup_health_management_thread(notifiers);
+error_alloc:
        return false;
 }
index 6ef0351fe8088f16b2d35cb8f0c66dca2700ea3f..f9ec356da775213eab133c2ad1f27d547f548d3b 100644 (file)
@@ -226,13 +226,12 @@ bool launch_application_management_thread(int apps_cmd_pipe_read_fd)
        struct thread_notifiers *notifiers = NULL;
        struct lttng_thread *thread;
 
-       quit_pipe = lttng_pipe_open(FD_CLOEXEC);
-       if (!quit_pipe) {
-               goto error;
-       }
-
        notifiers = zmalloc(sizeof(*notifiers));
        if (!notifiers) {
+               goto error_alloc;
+       }
+       quit_pipe = lttng_pipe_open(FD_CLOEXEC);
+       if (!quit_pipe) {
                goto error;
        }
        notifiers->quit_pipe = quit_pipe;
@@ -251,5 +250,6 @@ bool launch_application_management_thread(int apps_cmd_pipe_read_fd)
        return true;
 error:
        cleanup_application_management_thread(notifiers);
+error_alloc:
        return false;
 }
index 47bfe521cf96056b2ffd7dd111afda69efb0b7e5..68c7d649b6d4ffff9fc2b59a40e2deda55385201 100644 (file)
@@ -447,13 +447,13 @@ bool launch_consumer_management_thread(struct consumer_data *consumer_data)
        struct thread_notifiers *notifiers = NULL;
        struct lttng_thread *thread;
 
-       quit_pipe = lttng_pipe_open(FD_CLOEXEC);
-       if (!quit_pipe) {
-               goto error;
-       }
-
        notifiers = zmalloc(sizeof(*notifiers));
        if (!notifiers) {
+               goto error_alloc;
+       }
+
+       quit_pipe = lttng_pipe_open(FD_CLOEXEC);
+       if (!quit_pipe) {
                goto error;
        }
        notifiers->quit_pipe = quit_pipe;
@@ -476,5 +476,6 @@ bool launch_consumer_management_thread(struct consumer_data *consumer_data)
        return true;
 error:
        cleanup_consumer_management_thread(notifiers);
+error_alloc:
        return false;
 }
index 56bc0a93ca6147807d02059058daa2b23ae4a0e5..34887d7b1d12db660122b9cb3eedef1756b5073f 100644 (file)
@@ -347,13 +347,12 @@ bool launch_kernel_management_thread(int kernel_poll_pipe_read_fd)
        struct thread_notifiers *notifiers = NULL;
        struct lttng_thread *thread;
 
-       quit_pipe = lttng_pipe_open(FD_CLOEXEC);
-       if (!quit_pipe) {
-               goto error;
-       }
-
        notifiers = zmalloc(sizeof(*notifiers));
        if (!notifiers) {
+               goto error_alloc;
+       }
+       quit_pipe = lttng_pipe_open(FD_CLOEXEC);
+       if (!quit_pipe) {
                goto error;
        }
        notifiers->quit_pipe = quit_pipe;
@@ -371,5 +370,6 @@ bool launch_kernel_management_thread(int kernel_poll_pipe_read_fd)
        return true;
 error:
        cleanup_kernel_management_thread(notifiers);
+error_alloc:
        return false;
 }
index fee1843459e011d8ded0908c07fd317026d942b0..bc7405c7b4bf4c586ad3393428f22b86280fb6a0 100644 (file)
@@ -230,7 +230,7 @@ bool launch_application_notification_thread(int apps_cmd_notify_pipe_read_fd)
 
        notifiers = zmalloc(sizeof(*notifiers));
        if (!notifiers) {
-               goto error;
+               goto error_alloc;
        }
        notifiers->apps_cmd_notify_pipe_read_fd = apps_cmd_notify_pipe_read_fd;
 
@@ -252,5 +252,6 @@ bool launch_application_notification_thread(int apps_cmd_notify_pipe_read_fd)
        return true;
 error:
        cleanup_application_notification_thread(notifiers);
+error_alloc:
        return false;
 }
index d0a1ff14a69dc3173d89fbcf866de09fdb339816..6ce25ad0f66a1f9af143b73e3937693d444bf334 100644 (file)
@@ -400,13 +400,12 @@ struct lttng_thread *launch_application_registration_thread(
        struct thread_notifiers *notifiers = NULL;
        struct lttng_thread *thread;
 
-       quit_pipe = lttng_pipe_open(FD_CLOEXEC);
-       if (!quit_pipe) {
-               goto error;
-       }
-
        notifiers = zmalloc(sizeof(*notifiers));
        if (!notifiers) {
+               goto error_alloc;
+       }
+       quit_pipe = lttng_pipe_open(FD_CLOEXEC);
+       if (!quit_pipe) {
                goto error;
        }
        notifiers->quit_pipe = quit_pipe;
@@ -428,5 +427,6 @@ struct lttng_thread *launch_application_registration_thread(
        return thread;
 error:
        cleanup_application_registration_thread(notifiers);
+error_alloc:
        return NULL;
 }
index 7e16b69ed9ca5ddb113875b87cb6fa7be64c48e0..6eb5e8efb3124f67b7f1315c788162eaa67f31dd 100644 (file)
@@ -88,7 +88,7 @@ struct lttng_thread *lttng_thread_create(const char *name,
 
        thread = zmalloc(sizeof(*thread));
        if (!thread) {
-               goto error;
+               goto error_alloc;
        }
 
        urcu_ref_init(&thread->ref);
@@ -127,9 +127,9 @@ error_pthread_create:
        /* Release list reference. */
        lttng_thread_put(thread);
        pthread_mutex_unlock(&thread_list.lock);
-error:
        /* Release initial reference. */
        lttng_thread_put(thread);
+error_alloc:
        return NULL;
 }
 
This page took 0.045345 seconds and 4 git commands to generate.