From: Jérémie Galarneau <jeremie.galarneau@efficios.com>
Date: Wed, 10 Feb 2021 19:33:11 +0000 (-0500)
Subject: Fix: sessiond: client: leak of trigger object on invalid client message
X-Git-Tag: v2.13.0-rc1~336
X-Git-Url: https://git.lttng.org/?p=lttng-tools.git;a=commitdiff_plain;h=b5ef16855f9c69315d9530730200890dbbebad24;ds=sidebyside

Fix: sessiond: client: leak of trigger object on invalid client message

Coverity reports:
1445927 Resource leak
The system resource will not be reclaimed and reused, reducing the future availability of the resource.
In receive_lttng_trigger: Leak of memory or pointers to system resources (CWE-404)

lttng_trigger_create_from_payload() can return a trigger (positive
return value) that doesn't match the advertised trigger size. In that
case, a trigger reference was still returned and must be released.

Reported-by: Coverity Scan
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
Change-Id: I5afac029ddcf32dd0a01064c9dc688ed9208f278
---

diff --git a/src/bin/lttng-sessiond/client.c b/src/bin/lttng-sessiond/client.c
index c0086953a..00b5ec7e4 100644
--- a/src/bin/lttng-sessiond/client.c
+++ b/src/bin/lttng-sessiond/client.c
@@ -705,7 +705,7 @@ static enum lttng_error_code receive_lttng_trigger(struct command_ctx *cmd_ctx,
 	ssize_t sock_recv_len;
 	enum lttng_error_code ret_code;
 	struct lttng_payload trigger_payload;
-	struct lttng_trigger *trigger;
+	struct lttng_trigger *trigger = NULL;
 
 	lttng_payload_init(&trigger_payload);
 	trigger_len = (size_t) cmd_ctx->lsm.u.trigger.length;
@@ -755,6 +755,7 @@ static enum lttng_error_code receive_lttng_trigger(struct command_ctx *cmd_ctx,
 				trigger_len) {
 			ERR("Invalid trigger received as part of command payload");
 			ret_code = LTTNG_ERR_INVALID_TRIGGER;
+			lttng_trigger_put(trigger);
 			goto end;
 		}
 	}