diff options
| author | Chen Gang S | 2015-01-23 11:01:09 +0100 |
|---|---|---|
| committer | Michael Tokarev | 2015-02-10 07:27:20 +0100 |
| commit | 7eff518b6c91bdd62710dd9868ec7a17bd6f1434 (patch) | |
| tree | 077fcaa6aadba40c21c0e82a520bd82c28a6bc2c /linux-user/syscall.c | |
| parent | virtfs-proxy-helper: Fix possible socket leak. (diff) | |
| download | qemu-7eff518b6c91bdd62710dd9868ec7a17bd6f1434.tar.gz qemu-7eff518b6c91bdd62710dd9868ec7a17bd6f1434.tar.xz qemu-7eff518b6c91bdd62710dd9868ec7a17bd6f1434.zip | |
linux-user/syscall.c: lock_iovec: unlock vec[i] in failure processing code block
When failure occurs during locking of vec[i], we also need to unlock all
already locked vec[i] in failure processing code block before return.
Code in unlock_user() checks vec[i].iov_base for NULL, so there's no
need not check it .
If error is EFAULT when "i == 0", vec[i].iov_base is NULL, we can just
skip it, so can still use "while (--i >= 0)" loop condition.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Diffstat (limited to 'linux-user/syscall.c')
| -rw-r--r-- | linux-user/syscall.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/linux-user/syscall.c b/linux-user/syscall.c index d4398b9c56..7b6f482970 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -1883,6 +1883,11 @@ static struct iovec *lock_iovec(int type, abi_ulong target_addr, return vec; fail: + while (--i >= 0) { + if (tswapal(target_vec[i].iov_len) > 0) { + unlock_user(vec[i].iov_base, tswapal(target_vec[i].iov_base), 0); + } + } unlock_user(target_vec, target_addr, 0); fail2: free(vec); |