daemon: avoid memleak when ListAll returns nothing
authorEric Blake <eblake@redhat.com>
Fri, 13 Mar 2015 23:01:43 +0000 (17:01 -0600)
committerEric Blake <eblake@redhat.com>
Mon, 16 Mar 2015 22:22:57 +0000 (16:22 -0600)
commit70461a11b3410053b89c8c9309e011ce4f62bc07
treeef8eab76c86c8ab0acd7b2ecefa76b774cbe8ee8
parentd6e10847e0cd2bd7fc1824ad65fe859987715881
daemon: avoid memleak when ListAll returns nothing

Commit 4f25146 (v1.2.8) managed to silence Coverity, but at the
cost of a memory leak detected by valgrind:
==24129== 40 bytes in 5 blocks are definitely lost in loss record 355 of 637
==24129==    at 0x4A08B1C: realloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==24129==    by 0x5084B8E: virReallocN (viralloc.c:245)
==24129==    by 0x514D5AA: virDomainObjListExport (domain_conf.c:22200)
==24129==    by 0x201227DB: qemuConnectListAllDomains (qemu_driver.c:18042)
==24129==    by 0x51CC1B6: virConnectListAllDomains (libvirt-domain.c:6797)
==24129==    by 0x14173D: remoteDispatchConnectListAllDomains (remote.c:1580)
==24129==    by 0x121BE1: remoteDispatchConnectListAllDomainsHelper (remote_dispatch.h:1072)

In short, every time a client calls a ListAll variant and asks
for the resulting list, but there are 0 elements to return, we
end up leaking the 1-entry array that holds the NULL terminator.

What's worse, a read-only client can access these functions in a
tight loop to cause libvirtd to eventually run out of memory; and
this can be considered a denial of service attack against more
privileged clients.  Thankfully, the leak is so small (8 bytes per
call) that you would already have some other denial of service with
any guest calling the API that frequently, so an out-of-memory
crash is unlikely enough that this did not warrant a CVE.

* daemon/remote.c (remoteDispatchConnectListAllDomains)
(remoteDispatchDomainListAllSnapshots)
(remoteDispatchDomainSnapshotListAllChildren)
(remoteDispatchConnectListAllStoragePools)
(remoteDispatchStoragePoolListAllVolumes)
(remoteDispatchConnectListAllNetworks)
(remoteDispatchConnectListAllInterfaces)
(remoteDispatchConnectListAllNodeDevices)
(remoteDispatchConnectListAllNWFilters)
(remoteDispatchConnectListAllSecrets)
(remoteDispatchNetworkGetDHCPLeases): Plug leak.

Signed-off-by: Eric Blake <eblake@redhat.com>
(cherry picked from commit 3c2ff5029b83c9b33be0f1607a3c61f4f5850612)
Signed-off-by: Eric Blake <eblake@redhat.com>

Conflicts:
daemon/remote.c - context with older cleanup styles
daemon/remote.c