ab7fc8ee5b
- target/i386: Introduce SapphireRapids-v3 to add missing features - qtest/fuzz-lsi53c895a-test: set guest RAM to 2G - hw/net/lan9118: Signal TSFL_INT flag when TX FIFO reaches specified level - target/arm: Fix alignment for VLD4.32 - hw/microblaze: pass random seed to fdt - tests/qtest: npcm7xx-emc-test: Skip checking MAC - tests: mark io-command test as skipped if socat is missing - tests: unit: add NULL-pointer check - tests: test-qga: close socket on failure to connect - vdpa:block device capacity expansion online support vdpa block device update capacity. - virtio-net: Ensure queue index fits with RSS(CVE-2024-6505) - nbd/server: CVE-2024-7409: Avoid use-after-free when closing server - ppc/vof: Fix unaligned FDT property access - vvfat: Fix reading files with non-continuous clusters - vvfat: Fix bug in writing to middle of file - savevm: Fix load_snapshot error path crash - hw/dma/xilinx_axidma: Use semicolon at end of statement, not comma - hw/remote/message.c: Don't directly invoke DeviceClass:reset - crypto/tlscredspsk: Free username on finalize - hw/display/vhost-user-gpu.c: fix vhost_user_gpu_chr_read() - virtio: remove virtio_tswap16s() call in vring_packed_event_read() - char-stdio: Restore blocking mode of stdout on exit - hw/ppc: spapr: Use qemu_vfree() to free spapr->htab - smbios: sanitize type from external type before checking have_fields_bitmap - spapr_pci: fix leak in spapr_phb_vfio_get_loc_code - KVM: use store-release to mark dirty pages as harvested - monitor/hmp: print trace as option in help for log command - tpm_crb: Avoid backend startup just before shutdown under Xen - crypto/block-luks: make range overlap check more readable - spapr: Free stdout path - target/rx: Use target_ulong for address in LI - virtio-pci: Fix the use of an uninitialized irqfd - rtl8139: Fix behaviour for old kernels. - virtio-rng: block max-bytes=0 MIME-Version: 1.0 - hw/audio/es1370: Clean up comment - vhost-user-server: do not set memory fd non-blocking - ui: reject extended clipboard message if not activated - virtio-net: Fix vhost virtqueue notifiers for RSS - hw/misc/applesmc: Fix memory leak in reset() handler Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com> (cherry picked from commit db7a5d9a7239db307c8c1454fab5f8a92fd486b8)
78 lines
5.0 KiB
Diff
78 lines
5.0 KiB
Diff
From 58fb7b6216c6b2c8204e1046dd788f18eeb3b45f Mon Sep 17 00:00:00 2001
|
|
From: Peter Maydell <peter.maydell@linaro.org>
|
|
Date: Mon, 19 Aug 2024 15:50:21 +0100
|
|
Subject: [PATCH] crypto/tlscredspsk: Free username on finalize
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
When the creds->username property is set we allocate memory
|
|
for it in qcrypto_tls_creds_psk_prop_set_username(), but
|
|
we never free this when the QCryptoTLSCredsPSK is destroyed.
|
|
Free the memory in finalize.
|
|
|
|
This fixes a LeakSanitizer complaint in migration-test:
|
|
|
|
$ (cd build/asan; ASAN_OPTIONS="fast_unwind_on_malloc=0" QTEST_QEMU_BINARY=./qemu-system-x86_64 ./tests/qtest/migration-test --tap -k -p /x86_64/migration/precopy/unix/tls/psk)
|
|
|
|
=================================================================
|
|
==3867512==ERROR: LeakSanitizer: detected memory leaks
|
|
|
|
Direct leak of 5 byte(s) in 1 object(s) allocated from:
|
|
#0 0x5624e5c99dee in malloc (/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/qemu-system-x86_64+0x218edee) (BuildId: a9e623fa1009a9435c0142c037cd7b8c1ad04ce3)
|
|
#1 0x7fb199ae9738 in g_malloc debian/build/deb/../../../glib/gmem.c:128:13
|
|
#2 0x7fb199afe583 in g_strdup debian/build/deb/../../../glib/gstrfuncs.c:361:17
|
|
#3 0x5624e82ea919 in qcrypto_tls_creds_psk_prop_set_username /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../crypto/tlscredspsk.c:255:23
|
|
#4 0x5624e812c6b5 in property_set_str /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../qom/object.c:2277:5
|
|
#5 0x5624e8125ce5 in object_property_set /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../qom/object.c:1463:5
|
|
#6 0x5624e8136e7c in object_set_properties_from_qdict /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../qom/object_interfaces.c:55:14
|
|
#7 0x5624e81372d2 in user_creatable_add_type /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../qom/object_interfaces.c:112:5
|
|
#8 0x5624e8137964 in user_creatable_add_qapi /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../qom/object_interfaces.c:157:11
|
|
#9 0x5624e891ba3c in qmp_object_add /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../qom/qom-qmp-cmds.c:227:5
|
|
#10 0x5624e8af9118 in qmp_marshal_object_add /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/qapi/qapi-commands-qom.c:337:5
|
|
#11 0x5624e8bd1d49 in do_qmp_dispatch_bh /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../qapi/qmp-dispatch.c:128:5
|
|
#12 0x5624e8cb2531 in aio_bh_call /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../util/async.c:171:5
|
|
#13 0x5624e8cb340c in aio_bh_poll /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../util/async.c:218:13
|
|
#14 0x5624e8c0be98 in aio_dispatch /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../util/aio-posix.c:423:5
|
|
#15 0x5624e8cba3ce in aio_ctx_dispatch /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../util/async.c:360:5
|
|
#16 0x7fb199ae0d3a in g_main_dispatch debian/build/deb/../../../glib/gmain.c:3419:28
|
|
#17 0x7fb199ae0d3a in g_main_context_dispatch debian/build/deb/../../../glib/gmain.c:4137:7
|
|
#18 0x5624e8cbe1d9 in glib_pollfds_poll /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../util/main-loop.c:287:9
|
|
#19 0x5624e8cbcb13 in os_host_main_loop_wait /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../util/main-loop.c:310:5
|
|
#20 0x5624e8cbc6dc in main_loop_wait /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../util/main-loop.c:589:11
|
|
#21 0x5624e6f3f917 in qemu_main_loop /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../system/runstate.c:801:9
|
|
#22 0x5624e893379c in qemu_default_main /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../system/main.c:37:14
|
|
#23 0x5624e89337e7 in main /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/../../system/main.c:48:12
|
|
#24 0x7fb197972d8f in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
|
|
#25 0x7fb197972e3f in __libc_start_main csu/../csu/libc-start.c:392:3
|
|
#26 0x5624e5c16fa4 in _start (/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/qemu-system-x86_64+0x210bfa4) (BuildId: a9e623fa1009a9435c0142c037cd7b8c1ad04ce3)
|
|
|
|
SUMMARY: AddressSanitizer: 5 byte(s) leaked in 1 allocation(s).
|
|
|
|
Cc: qemu-stable@nongnu.org
|
|
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
Message-ID: <20240819145021.38524-1-peter.maydell@linaro.org>
|
|
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org
|
|
(cherry picked from commit 87e012f29f2e47dcd8c385ff8bb8188f9e06d4ea)
|
|
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
|
|
---
|
|
crypto/tlscredspsk.c | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff --git a/crypto/tlscredspsk.c b/crypto/tlscredspsk.c
|
|
index 752f2d92be..9ab62b411d 100644
|
|
--- a/crypto/tlscredspsk.c
|
|
+++ b/crypto/tlscredspsk.c
|
|
@@ -245,6 +245,7 @@ qcrypto_tls_creds_psk_finalize(Object *obj)
|
|
QCryptoTLSCredsPSK *creds = QCRYPTO_TLS_CREDS_PSK(obj);
|
|
|
|
qcrypto_tls_creds_psk_unload(creds);
|
|
+ g_free(creds->username);
|
|
}
|
|
|
|
static void
|
|
--
|
|
2.41.0.windows.1
|
|
|