Fix leak on OOM when creating nwfilter rule instances

The ebiptablesAddRuleInst method would leak an instance
of ebiptablesRuleInstPtr if it hit OOM when adding it
to the list of instances. Remove the pointless helper
method virNWFilterRuleInstAddData and just inline the
call to VIR_APPEND_ELEMENT and free the instance on
failure.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c b/src/nwfilter/nwfilter_ebiptables_driver.c
index 34107a2cc3b719092cfc83b05a9afa66528bd6dc..d0acb236582a31329f4a227ab46d5f91ab403f0b 100644 (file)
--- a/src/nwfilter/nwfilter_ebiptables_driver.c
+++ b/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -507,7 +507,11 @@ ebiptablesAddRuleInst(virNWFilterRuleInstPtr res,
     inst->priority = priority;
     inst->ruleType = ruleType;
 
-    return virNWFilterRuleInstAddData(res, inst);
+    if (VIR_APPEND_ELEMENT(res->data, res->ndata, inst) < 0) {
+        VIR_FREE(inst);
+        return -1;
+    }
+    return 0;
 }
 
 

diff --git a/src/nwfilter/nwfilter_gentech_driver.c b/src/nwfilter/nwfilter_gentech_driver.c
index 5c3b25edc3e16fb0429f32ab07c2e9c1fd196784..1e9b3d2dfe6e267f5f29f2d9658918d783530896 100644 (file)
--- a/src/nwfilter/nwfilter_gentech_driver.c
+++ b/src/nwfilter/nwfilter_gentech_driver.c
@@ -115,28 +115,6 @@ virNWFilterTechDriverForName(const char *name)
 }
 
 
-/**
- * virNWFilterRuleInstAddData:
- * @res : pointer to virNWFilterRuleInst object collecting the instantiation
- *        data of a single firewall rule.
- * @data : the opaque data that the driver wants to add
- *
- * Add instantiation data to a firewall rule. An instantiated firewall
- * rule may hold multiple data structure representing its instantiation
- * data. This may for example be the case if a rule has been defined
- * for bidirectional traffic and data needs to be added to the incoming
- * and outgoing chains.
- *
- * Returns 0 in case of success, -1 in case of an error.
- */
-int
-virNWFilterRuleInstAddData(virNWFilterRuleInstPtr res,
-                           void *data)
-{
-    return VIR_APPEND_ELEMENT(res->data, res->ndata, data);
-}
-
-
 static void
 virNWFilterRuleInstFree(virNWFilterRuleInstPtr inst)
 {

diff --git a/src/nwfilter/nwfilter_gentech_driver.h b/src/nwfilter/nwfilter_gentech_driver.h
index d72e0407253d45bdfb97889787f9190ab6ad8d71..52bd1f6777ec7493c95fc446c0cb9f690b685d61 100644 (file)
--- a/src/nwfilter/nwfilter_gentech_driver.h
+++ b/src/nwfilter/nwfilter_gentech_driver.h
@@ -28,9 +28,6 @@
 
 virNWFilterTechDriverPtr virNWFilterTechDriverForName(const char *name);
 
-int virNWFilterRuleInstAddData(virNWFilterRuleInstPtr res,
-                               void *data);
-
 int virNWFilterTechDriversInit(bool privileged);
 void virNWFilterTechDriversShutdown(void);