libxl: don't leak ptr in libxl_list_vm error case

While at it, tidy up the function; there's no point in allocating more
than the amount of domains actually returned by xc_domain_getinfolist
(barring the caveat described in the newly-added comment)

Coverity-ID: 1055888
Signed-off-by: Matthew Daley <mattd@bugfuzz.com>

diff --git a/tools/libxl/libxl.c b/tools/libxl/libxl.c
index fd8b988feae9ca260cfc160d2ebe699db22feec6..e8ad6108c8d63c65a2fcc77fe55dd19b551464e3 100644 (file)
--- a/tools/libxl/libxl.c
+++ b/tools/libxl/libxl.c
@@ -669,20 +669,24 @@ out:
  * be an aggregate of multiple domains. */
 libxl_vminfo * libxl_list_vm(libxl_ctx *ctx, int *nb_vm_out)
 {
-    libxl_vminfo *ptr;
+    GC_INIT(ctx);
+    libxl_vminfo *ptr = NULL;
     int idx, i, ret;
     xc_domaininfo_t info[1024];
-    int size = 1024;
 
-    ptr = calloc(size, sizeof(libxl_vminfo));
-    if (!ptr)
-        return NULL;
-
-    ret = xc_domain_getinfolist(ctx->xch, 1, 1024, info);
-    if (ret<0) {
-        LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "geting domain info list");
-        return NULL;
+    ret = xc_domain_getinfolist(ctx->xch, 1, ARRAY_SIZE(info), info);
+    if (ret < 0) {
+        LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "getting domain info list");
+        goto out;
     }
+
+    /*
+     * Always make sure to allocate at least one element; if we don't and we
+     * request zero, libxl__calloc (might) think its internal call to calloc
+     * has failed (if it returns null), if so it would kill our process.
+     */
+    ptr = libxl__calloc(NOGC, ret ? ret : 1, sizeof(libxl_vminfo));
+
     for (idx = i = 0; i < ret; i++) {
         if (libxl_is_stubdom(ctx, info[i].domain, NULL))
             continue;
@@ -692,6 +696,9 @@ libxl_vminfo * libxl_list_vm(libxl_ctx *ctx, int *nb_vm_out)
         idx++;
     }
     *nb_vm_out = idx;
+
+out:
+    GC_FREE;
     return ptr;
 }