diff options
| author | Peter Maydell <peter.maydell@linaro.org> | 2014-02-17 18:55:34 +0000 |
|---|---|---|
| committer | Riku Voipio <riku.voipio@linaro.org> | 2014-02-19 12:29:23 +0200 |
| commit | 69d4c703a549f0630793a67b16a8fc6bc14c8654 (patch) | |
| tree | 4a2a94e97938666365eef461fb19f043f5f1fdc5 /linux-user | |
| parent | fff8c539bd69dce14c63827111e9d74e6b961317 (diff) | |
| download | qemu-69d4c703a549f0630793a67b16a8fc6bc14c8654.tar.gz qemu-69d4c703a549f0630793a67b16a8fc6bc14c8654.tar.bz2 qemu-69d4c703a549f0630793a67b16a8fc6bc14c8654.zip | |
linux-user: Fix error handling in target_to_host_semarray()
Fix two issues in error handling in target_to_host_semarray():
* don't leak the host_array buffer if lock_user fails
* return an error if malloc() fails
v2: added missing * -Riku Voipio
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Diffstat (limited to 'linux-user')
| -rw-r--r-- | linux-user/syscall.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 8f5a58ee0b..1407b7a546 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -2430,10 +2430,15 @@ static inline abi_long target_to_host_semarray(int semid, unsigned short **host_ nsems = semid_ds.sem_nsems; *host_array = malloc(nsems*sizeof(unsigned short)); + if (!*host_array) { + return -TARGET_ENOMEM; + } array = lock_user(VERIFY_READ, target_addr, nsems*sizeof(unsigned short), 1); - if (!array) + if (!array) { + free(*host_array); return -TARGET_EFAULT; + } for(i=0; i<nsems; i++) { __get_user((*host_array)[i], &array[i]); |