From 9de6375f04f962e9eae34ad90f4c66e8bf15c2a8 Mon Sep 17 00:00:00 2001
From: =?utf8?q?J=C3=A9r=C3=A9mie=20Galarneau?=
 <jeremie.galarneau@efficios.com>
Date: Wed, 21 Apr 2021 15:28:31 -0400
Subject: [PATCH] Fix: error-query: leak of trigger on malformed error-query
 comm buffer
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

CID 1452633 (#1 of 1): Resource leak (RESOURCE_LEAK)
10. leaked_storage: Variable trigger going out of scope leaks the
storage it points to

Reported-by: Coverity Scan
Signed-off-by: JÃ©rÃ©mie Galarneau <jeremie.galarneau@efficios.com>
Change-Id: Ic3ab0c41b6667fb875992e545fcba046edc071fc
---
 src/common/error-query.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/src/common/error-query.c b/src/common/error-query.c
index d4395b467..031257b27 100644
--- a/src/common/error-query.c
+++ b/src/common/error-query.c
@@ -739,6 +739,7 @@ ssize_t lttng_error_query_create_from_payload(struct lttng_payload_view *view,
 {
 	ssize_t used_size = 0;
 	struct lttng_error_query_comm *header;
+	struct lttng_trigger *trigger = NULL;
 	struct lttng_payload_view header_view =
 			lttng_payload_view_from_view(view, 0, sizeof(*header));
 
@@ -754,7 +755,6 @@ ssize_t lttng_error_query_create_from_payload(struct lttng_payload_view *view,
 	switch ((enum lttng_error_query_target_type) header->target_type) {
 	case LTTNG_ERROR_QUERY_TARGET_TYPE_TRIGGER:
 	{
-		struct lttng_trigger *trigger;
 		ssize_t trigger_used_size;
 		struct lttng_payload_view trigger_view =
 				lttng_payload_view_from_view(
@@ -775,7 +775,6 @@ ssize_t lttng_error_query_create_from_payload(struct lttng_payload_view *view,
 		used_size += trigger_used_size;
 
 		*query = lttng_error_query_trigger_create(trigger);
-		lttng_trigger_put(trigger);
 		if (!*query) {
 			used_size = -1;
 			goto end;
@@ -785,7 +784,6 @@ ssize_t lttng_error_query_create_from_payload(struct lttng_payload_view *view,
 	}
 	case LTTNG_ERROR_QUERY_TARGET_TYPE_ACTION:
 	{
-		struct lttng_trigger *trigger;
 		const struct lttng_action *target_action;
 		ssize_t trigger_used_size;
 		struct lttng_error_query_action_comm *action_header;
@@ -841,7 +839,6 @@ ssize_t lttng_error_query_create_from_payload(struct lttng_payload_view *view,
 
 		*query = lttng_error_query_action_create(
 				trigger, target_action);
-		lttng_trigger_put(trigger);
 		if (!*query) {
 			used_size = -1;
 			goto end;
@@ -855,6 +852,7 @@ ssize_t lttng_error_query_create_from_payload(struct lttng_payload_view *view,
 	}
 
 end:
+	lttng_trigger_put(trigger);
 	return used_size;
 }
 
-- 
2.34.1