From e0641d266a06ff59f0e3846d7cd7a23cfe89c6ce Mon Sep 17 00:00:00 2001
From: Adrian Reber <areber@redhat.com>
Date: Mon, 28 Sep 2020 07:17:46 +0000
Subject: [PATCH] uffd: Resource leak (RESOURCE_LEAK)

CID 226485 (#1 of 3): Resource leak (RESOURCE_LEAK)
 Variable events going out of scope leaks the storage it points to

CID 226485 (#2 of 3): Resource leak (RESOURCE_LEAK)
 Variable events going out of scope leaks the storage it points to

CID 226485 (#3 of 3): Resource leak (RESOURCE_LEAK)
 Variable events going out of scope leaks the storage it points to

Also changed epoll_prepare() to check return value of epoll_create()
against '< 0' instead if '== -1' to make coverity happy.

Signed-off-by: Adrian Reber <areber@redhat.com>
---
 criu/uffd.c | 11 ++++++++---
 criu/util.c |  2 +-
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/criu/uffd.c b/criu/uffd.c
index 5f4c15a60fc..a6886ca1082 100644
--- a/criu/uffd.c
+++ b/criu/uffd.c
@@ -1421,7 +1421,7 @@ static int prepare_uffds(int listen, int epollfd)
 
 int cr_lazy_pages(bool daemon)
 {
-	struct epoll_event *events;
+	struct epoll_event *events = NULL;
 	int nr_fds;
 	int lazy_sk;
 	int ret;
@@ -1469,17 +1469,22 @@ int cr_lazy_pages(bool daemon)
 	if (epollfd < 0)
 		return -1;
 
-	if (prepare_uffds(lazy_sk, epollfd))
+	if (prepare_uffds(lazy_sk, epollfd)) {
+		xfree(events);
 		return -1;
+	}
 
 	if (opts.use_page_server) {
-		if (connect_to_page_server_to_recv(epollfd))
+		if (connect_to_page_server_to_recv(epollfd)) {
+			xfree(events);
 			return -1;
+		}
 	}
 
 	ret = handle_requests(epollfd, events, nr_fds);
 
 	tls_terminate_session();
 
+	xfree(events);
 	return ret;
 }
diff --git a/criu/util.c b/criu/util.c
index 111c956d28a..a88da8d0377 100644
--- a/criu/util.c
+++ b/criu/util.c
@@ -1289,7 +1289,7 @@ int epoll_prepare(int nr_fds, struct epoll_event **events)
 		return -1;
 
 	epollfd = epoll_create(nr_fds);
-	if (epollfd == -1) {
+	if (epollfd < 0) {
 		pr_perror("epoll_create failed");
 		goto free_events;
 	}