Proxmox-Port/qemu
1
0
Fork 0
mirror of https://github.com/qemu/qemu.git synced 2025-09-26 16:12:25 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
staging-10.0
qemu/hw/gpio
History
Peter Maydell 46b5717924 hw/gpio/pca9554: Avoid leak in pca9554_set_pin() 
In pca9554_set_pin() we have a string property which we parse in
order to set some non-string fields in the device state.  So we call
visit_type_str(), passing it the address of the local variable
state_str.

visit_type_str() will allocate a new copy of the string; we
never free this string, so the result is a memory leak, detected
by ASAN during a "make check" run:

Direct leak of 5 byte(s) in 1 object(s) allocated from:
    #0 0x5d605212ede3 in malloc (/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/qemu-system-arm+0x21f1de3) (
BuildId: 3d5373c89317f58bfcd191a33988c7347714be14)
    #1 0x7f7edea57b09 in g_malloc (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x62b09) (BuildId: 1eb6131419edb83b2178b68282
9a6913cf682d75)
    #2 0x7f7edea6d4d8 in g_strdup (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x784d8) (BuildId: 1eb6131419edb83b2178b68282
9a6913cf682d75)
    #3 0x5d6055289a91 in g_strdup_inline /usr/include/glib-2.0/glib/gstrfuncs.h:321:10
    #4 0x5d6055289a91 in qobject_input_type_str /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../qapi/qo
bject-input-visitor.c:542:12
    #5 0x5d605528479c in visit_type_str /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../qapi/qapi-visit
-core.c:349:10
    #6 0x5d60528bdd87 in pca9554_set_pin /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/gpio/pca9554.c:179:10
    #7 0x5d60549bcbbb in object_property_set /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../qom/object.c:1450:5
    #8 0x5d60549d2055 in object_property_set_qobject /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../qom/qom-qobject.c:28:10
    #9 0x5d60549bcdf1 in object_property_set_str /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../qom/object.c:1458:15
    #10 0x5d605439d077 in gb200nvl_bmc_i2c_init /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/arm/aspeed.c:1267:5
    #11 0x5d60543a3bbc in aspeed_machine_init /mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/arm-asan/../../hw/arm/aspeed.c:493:9

Make the state_str g_autofree, so that we will always free
it, on both error-exit and success codepaths.

Cc: qemu-stable@nongnu.org
Fixes: de0c7d543b ("misc: Add a pca9554 GPIO device model")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Glenn Miles <milesg@linux.ibm.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20250821154459.2417976-1-peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
(cherry picked from commit 3284d1c07c)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2025-09-04 23:16:52 +03:00
..
aspeed_gpio.c hw/gpio/aspeed: Add AST2700 support 2024-10-24 07:57:47 +02:00
bcm2835_gpio.c hw: Use device_class_set_legacy_reset() instead of opencoding 2024-09-13 15:31:44 +01:00
bcm2838_gpio.c hw: Use device_class_set_legacy_reset() instead of opencoding 2024-09-13 15:31:44 +01:00
gpio_key.c hw: Use device_class_set_legacy_reset() instead of opencoding 2024-09-13 15:31:44 +01:00
gpio_pwr.c include: Rename sysemu/ -> system/ 2024-12-20 17:44:56 +01:00
imx_gpio.c hw/gpio/imx_gpio: Fix interpretation of GDIR polarity 2025-05-08 12:18:57 +03:00
Kconfig hw/gpio/pca955*: Move Kconfig switches next to implementations 2025-02-25 15:32:58 +00:00
meson.build hw/gpio: Remove MAX7310 device 2024-10-15 15:16:17 +01:00
mpc8xxx.c hw/gpio/mpc8xxx: Prefer DEFINE_TYPES() macro 2024-11-05 23:32:25 +00:00
npcm7xx_gpio.c hw/gpio: npcm7xx: fixup out-of-bounds access 2025-03-07 10:08:19 +00:00
nrf51_gpio.c hw/gpio: remove break after g_assert_not_reached() 2024-09-13 20:12:16 +02:00
omap_gpio.c include/hw/qdev-properties: Remove DEFINE_PROP_END_OF_LIST 2024-12-19 19:36:37 +01:00
pca9552.c include/hw/qdev-properties: Remove DEFINE_PROP_END_OF_LIST 2024-12-19 19:36:37 +01:00
pca9554.c hw/gpio/pca9554: Avoid leak in pca9554_set_pin() 2025-09-04 23:16:52 +03:00
pcf8574.c hw: Use device_class_set_legacy_reset() instead of opencoding 2024-09-13 15:31:44 +01:00
pl061.c include/hw/qdev-properties: Remove DEFINE_PROP_END_OF_LIST 2024-12-19 19:36:37 +01:00
sifive_gpio.c include/hw/qdev-properties: Remove DEFINE_PROP_END_OF_LIST 2024-12-19 19:36:37 +01:00
stm32l4x5_gpio.c include/hw/qdev-properties: Remove DEFINE_PROP_END_OF_LIST 2024-12-19 19:36:37 +01:00
trace-events hw/gpio/imx_gpio: Turn DPRINTF() into trace events 2025-01-13 17:16:04 +01:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00
zaurus.c hw: arm: Remove use of tabs in some source files 2024-05-28 14:20:48 +01:00