From 49d21f93659c296425c129bc7722bd8255f5c1b1 Mon Sep 17 00:00:00 2001 From: Mathieu Desnoyers Date: Thu, 13 Nov 2014 17:18:16 -0500 Subject: [PATCH] Fix: filter bytecode and string memory leak on error MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Mathieu Desnoyers Signed-off-by: Jérémie Galarneau --- src/bin/lttng-sessiond/cmd.c | 11 +++++++++++ src/bin/lttng-sessiond/event.c | 12 ++++++++++++ src/bin/lttng-sessiond/kernel.c | 1 + src/bin/lttng-sessiond/main.c | 4 ++++ src/bin/lttng-sessiond/trace-ust.c | 4 ++++ 5 files changed, 32 insertions(+) diff --git a/src/bin/lttng-sessiond/cmd.c b/src/bin/lttng-sessiond/cmd.c index 41b8502cf..8c13c2dd6 100644 --- a/src/bin/lttng-sessiond/cmd.c +++ b/src/bin/lttng-sessiond/cmd.c @@ -1386,6 +1386,7 @@ end: /* * Command LTTNG_ENABLE_EVENT processed by the client thread. + * We own filter, exclusion, and filter_expression. */ int cmd_enable_event(struct ltt_session *session, struct lttng_domain *domain, char *channel_name, struct lttng_event *event, @@ -1537,6 +1538,10 @@ int cmd_enable_event(struct ltt_session *session, struct lttng_domain *domain, /* At this point, the session and channel exist on the tracer */ ret = event_ust_enable_tracepoint(usess, uchan, event, filter_expression, filter, exclusion); + /* We have passed ownership */ + filter_expression = NULL; + filter = NULL; + exclusion = NULL; if (ret != LTTNG_OK) { goto error; } @@ -1601,6 +1606,9 @@ int cmd_enable_event(struct ltt_session *session, struct lttng_domain *domain, ret = cmd_enable_event(session, &tmp_dom, (char *) default_chan_name, &uevent, filter_expression, filter, NULL, wpipe); + /* We have passed ownership */ + filter_expression = NULL; + filter = NULL; if (ret != LTTNG_OK && ret != LTTNG_ERR_UST_EVENT_ENABLED) { goto error; } @@ -1630,6 +1638,9 @@ int cmd_enable_event(struct ltt_session *session, struct lttng_domain *domain, ret = LTTNG_OK; error: + free(filter_expression); + free(filter); + free(exclusion); rcu_read_unlock(); return ret; } diff --git a/src/bin/lttng-sessiond/event.c b/src/bin/lttng-sessiond/event.c index 3db3089b6..a8e63896d 100644 --- a/src/bin/lttng-sessiond/event.c +++ b/src/bin/lttng-sessiond/event.c @@ -181,6 +181,7 @@ int event_kernel_disable_all(struct ltt_kernel_channel *kchan) /* * Enable kernel tracepoint event for a channel from the kernel session. + * We own filter_expression and filter. */ int event_kernel_enable_tracepoint(struct ltt_kernel_channel *kchan, struct lttng_event *event) @@ -408,6 +409,7 @@ error: /* * Enable UST tracepoint event for a channel from a UST session. + * We own filter_expression, filter, and exclusion. */ int event_ust_enable_tracepoint(struct ltt_ust_session *usess, struct ltt_ust_channel *uchan, struct lttng_event *event, @@ -429,6 +431,10 @@ int event_ust_enable_tracepoint(struct ltt_ust_session *usess, if (uevent == NULL) { uevent = trace_ust_create_event(event, filter_expression, filter, exclusion); + /* We have passed ownership */ + filter_expression = NULL; + filter = NULL; + exclusion = NULL; if (uevent == NULL) { ret = LTTNG_ERR_UST_ENABLE_FAIL; goto error; @@ -476,6 +482,9 @@ int event_ust_enable_tracepoint(struct ltt_ust_session *usess, end: rcu_read_unlock(); + free(filter_expression); + free(filter); + free(exclusion); return ret; error: @@ -491,6 +500,9 @@ error: trace_ust_destroy_event(uevent); } rcu_read_unlock(); + free(filter_expression); + free(filter); + free(exclusion); return ret; } diff --git a/src/bin/lttng-sessiond/kernel.c b/src/bin/lttng-sessiond/kernel.c index b7426972c..b7a362dc0 100644 --- a/src/bin/lttng-sessiond/kernel.c +++ b/src/bin/lttng-sessiond/kernel.c @@ -174,6 +174,7 @@ error: /* * Create a kernel event, enable it to the kernel tracer and add it to the * channel event list of the kernel session. + * We own filter_expression and filter. */ int kernel_create_event(struct lttng_event *ev, struct ltt_kernel_channel *channel) diff --git a/src/bin/lttng-sessiond/main.c b/src/bin/lttng-sessiond/main.c index a7f77c09f..81b5e9427 100644 --- a/src/bin/lttng-sessiond/main.c +++ b/src/bin/lttng-sessiond/main.c @@ -3218,12 +3218,14 @@ skip_domain: if (bytecode_len > LTTNG_FILTER_MAX_LEN) { ret = LTTNG_ERR_FILTER_INVAL; + free(filter_expression); free(exclusion); goto error; } bytecode = zmalloc(bytecode_len); if (!bytecode) { + free(filter_expression); free(exclusion); ret = LTTNG_ERR_FILTER_NOMEM; goto error; @@ -3235,6 +3237,7 @@ skip_domain: if (ret <= 0) { DBG("Nothing recv() from client car len data... continuing"); *sock_error = 1; + free(filter_expression); free(bytecode); free(exclusion); ret = LTTNG_ERR_FILTER_INVAL; @@ -3242,6 +3245,7 @@ skip_domain: } if ((bytecode->len + sizeof(*bytecode)) != bytecode_len) { + free(filter_expression); free(bytecode); free(exclusion); ret = LTTNG_ERR_FILTER_INVAL; diff --git a/src/bin/lttng-sessiond/trace-ust.c b/src/bin/lttng-sessiond/trace-ust.c index 0e386aa03..b9fdf9f0a 100644 --- a/src/bin/lttng-sessiond/trace-ust.c +++ b/src/bin/lttng-sessiond/trace-ust.c @@ -366,6 +366,7 @@ error: /* * Allocate and initialize a ust event. Set name and event type. + * We own filter_expression, filter, and exclusion. * * Return pointer to structure or NULL. */ @@ -441,6 +442,9 @@ struct ltt_ust_event *trace_ust_create_event(struct lttng_event *ev, error_free_event: free(lue); error: + free(filter_expression); + free(filter); + free(exclusion); return NULL; } -- 2.34.1