From 904e59f43a930c93549211ebd1c3296a5bf126f7 Mon Sep 17 00:00:00 2001
From: Daniel Henrique Barboza <danielhb413@gmail.com>
Date: Sat, 14 Nov 2020 09:56:41 -0300
Subject: [PATCH] qemu_tpm.c: fix 'shortName' leak

This is a Coverity fix pointed out by John in IRC. This code
was introduced in 19d74fdf0eb, when the TPM Proxy device for
for ppc64 was introduced.

This will leak in case we have 2 TPMs in the same domain, a
possible scenario with the protected Ultravisor execution in
PowerPC guests.

Fixes: 19d74fdf0eb5d2e89e80ceedea736425160ffccb
Reported-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
---
 src/qemu/qemu_tpm.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c
index 8adb0e42b8..872be16570 100644
--- a/src/qemu/qemu_tpm.c
+++ b/src/qemu/qemu_tpm.c
@@ -841,10 +841,11 @@ qemuExtTPMStop(virQEMUDriverPtr driver,
                virDomainObjPtr vm)
 {
     g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
-    g_autofree char *shortName = NULL;
     size_t i;
 
     for (i = 0; i < vm->def->ntpms; i++) {
+        g_autofree char *shortName = NULL;
+
         if (vm->def->tpms[i]->type != VIR_DOMAIN_TPM_TYPE_EMULATOR)
             continue;
 
@@ -866,12 +867,13 @@ qemuExtTPMSetupCgroup(virQEMUDriverPtr driver,
                       virCgroupPtr cgroup)
 {
     g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
-    g_autofree char *shortName = NULL;
     int rc;
     pid_t pid;
     size_t i;
 
     for (i = 0; i < def->ntpms; i++) {
+        g_autofree char *shortName = NULL;
+
         if (def->tpms[i]->type != VIR_DOMAIN_TPM_TYPE_EMULATOR)
             continue;