Commit c269de97 authored by Zhiqiang Liu's avatar Zhiqiang Liu Committed by Tomasz Zawadzki
Browse files

blobstore: fix potential memleak problem in blob_serialize_add_page() 



In blob_serialize_add_page(), *pages is set to spdk_realloc(*pages).
If spdk_realloc() returns NULL, the *pages pointer will be
overridden, whose memory will leak.

Here, we introduce a new var (tmp_pages) for checking the return
value of spdk_realloc(*pages).

Signed-off-by: default avatarZhiqiang Liu <liuzhiqiang26@huawei.com>
Change-Id: Ib2ead3f3b5d5e44688d1f0568816f483aa9e101f
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/8307


Community-CI: Mellanox Build Bot
Tested-by: default avatarSPDK CI Jenkins <sys_sgci@intel.com>
Reviewed-by: default avatarAleksey Marchuk <alexeymar@mellanox.com>
Reviewed-by: default avatarTomasz Zawadzki <tomasz.zawadzki@intel.com>
parent c9d84215

lib/blob/blobstore.c

+11 −9
Original line number Diff line number Diff line
@@ -876,27 +876,29 @@ blob_serialize_add_page(const struct spdk_blob *blob, 
			uint32_t *page_count,

			struct spdk_blob_md_page **last_page)

{

	struct spdk_blob_md_page *page;

	struct spdk_blob_md_page *page, *tmp_pages;



	assert(pages != NULL);

	assert(page_count != NULL);



	*last_page = NULL;

	if (*page_count == 0) {

		assert(*pages == NULL);

		*page_count = 1;

		*pages = spdk_malloc(SPDK_BS_PAGE_SIZE, 0,

				     NULL, SPDK_ENV_SOCKET_ID_ANY, SPDK_MALLOC_DMA);

		if (*pages == NULL) {

			return -ENOMEM;

		}

		*page_count = 1;

	} else {

		assert(*pages != NULL);

		(*page_count)++;

		*pages = spdk_realloc(*pages, SPDK_BS_PAGE_SIZE * (*page_count), 0);

	}



	if (*pages == NULL) {

		*page_count = 0;

		*last_page = NULL;

		tmp_pages = spdk_realloc(*pages, SPDK_BS_PAGE_SIZE * (*page_count + 1), 0);

		if (tmp_pages == NULL) {

			return -ENOMEM;

		}

		(*page_count)++;

		*pages = tmp_pages;

	}



	page = &(*pages)[*page_count - 1];

	memset(page, 0, sizeof(*page));