qapi: Clean up visitor's recovery from input with invalid type

An alternate type's visit_type_FOO() fails when it runs into an invalid ->type. If it's an input visit, we then need to free the the object we got from visit_start_alternate(). We do that with qapi_free_FOO(), which uses the dealloc visitor. Trouble is that object is in a bad state: its ->type is invalid. So the dealloc visitor will run into the same error again, and the error recovery skips deallocating the alternate's (invalid) alternative. Works, because qapi_free_FOO() ignores the error. Avoid it instead: free the messed up object with by g_free(). Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20200424084338.26803-11-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
qemu · Apr 30, 2020 · c978bd5 · c978bd5
1 parent faad584
commit c978bd5
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/scripts/qapi/visit.py b/scripts/qapi/visit.py
@@ -234,6 +234,9 @@ def gen_visit_alternate(name, variants):
     default:
         error_setg(&err, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
                    "%(name)s");
+        /* Avoid passing invalid *obj to qapi_free_%(c_name)s() */
+        g_free(*obj);
+        *obj = NULL;
     }
 out_obj:
     visit_end_alternate(v, (void **)obj);