diff options
author | Ben Pfaff <blp@nicira.com> | 2013-01-07 14:51:06 -0800 |
---|---|---|
committer | Ben Pfaff <blp@nicira.com> | 2013-01-07 14:51:06 -0800 |
commit | 3f0cedd5947103299bf482a921c745856b208d0e (patch) | |
tree | 59b5b2c3e08db5c0d78178178e30d241312b8dd0 | |
parent | 7d773e831414e13515a84a412783cdd9dcaa3378 (diff) |
rconn: Avoid memory leak in rconn_send_with_limit() on queue overflow.
Bug #14357.
Reported-by: Luca Giraudo <lgiraudo@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
-rw-r--r-- | lib/rconn.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/lib/rconn.c b/lib/rconn.c index 603175bd..0d3cfecb 100644 --- a/lib/rconn.c +++ b/lib/rconn.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2008, 2009, 2010, 2011, 2012 Nicira, Inc. + * Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013 Nicira, Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -620,12 +620,13 @@ int rconn_send_with_limit(struct rconn *rc, struct ofpbuf *b, struct rconn_packet_counter *counter, int queue_limit) { - int retval; - retval = counter->n >= queue_limit ? EAGAIN : rconn_send(rc, b, counter); - if (retval) { + if (counter->n < queue_limit) { + return rconn_send(rc, b, counter); + } else { COVERAGE_INC(rconn_overflow); + ofpbuf_delete(b); + return EAGAIN; } - return retval; } /* Returns the total number of packets successfully sent on the underlying |