From c42ebd5ba6f1fb861cabdbe44ab10df55b9b3ada Mon Sep 17 00:00:00 2001 From: Edward Welbourne Date: Mon, 21 Jun 2021 12:03:10 +0200 Subject: [PATCH] Fix leak of transaction context handle in QSql's OCI driver Transaction handles were allocated but nowhere freed. Thanks to Stefan Latsch for pointing this out and suggesting the fix. Make the handle yet another member of QOCIDriverPrivate so that close() can free it. At the same time, also free the service context handle d->svc when failing do open(); and shuffle the order of frees to be the reverse of the order of allocations. Fixes: QTBUG-94246 Pick-to: 6.2 6.1 5.15 Change-Id: I45818ada6d884b06028056d28635390a300e2def Reviewed-by: Andy Shaw --- src/plugins/sqldrivers/oci/qsql_oci.cpp | 32 ++++++++++++++++--------- 1 file changed, 21 insertions(+), 11 deletions(-) diff --git a/src/plugins/sqldrivers/oci/qsql_oci.cpp b/src/plugins/sqldrivers/oci/qsql_oci.cpp index 1566428f26..1ee4e26729 100644 --- a/src/plugins/sqldrivers/oci/qsql_oci.cpp +++ b/src/plugins/sqldrivers/oci/qsql_oci.cpp @@ -1,6 +1,6 @@ /**************************************************************************** ** -** Copyright (C) 2016 The Qt Company Ltd. +** Copyright (C) 2021 The Qt Company Ltd. ** Contact: https://www.qt.io/licensing/ ** ** This file is part of the QtSql module of the Qt Toolkit. @@ -226,6 +226,7 @@ public: OCISvcCtx *svc; OCIServer *srvhp; OCISession *authp; + OCITrans *trans = nullptr; OCIError *err; bool transaction; int serverVersion; @@ -2296,11 +2297,12 @@ bool QOCIDriver::open(const QString & db, r = OCIAttrSet(d->authp, OCI_HTYPE_SESSION, const_cast(password.utf16()), password.length() * sizeof(QChar), OCI_ATTR_PASSWORD, d->err); - OCITrans* trans; + if (r == OCI_SUCCESS) { + r = OCIHandleAlloc(d->env, reinterpret_cast(&d->trans), OCI_HTYPE_TRANS, + 0, nullptr); + } if (r == OCI_SUCCESS) - r = OCIHandleAlloc(d->env, reinterpret_cast(&trans), OCI_HTYPE_TRANS, 0, 0); - if (r == OCI_SUCCESS) - r = OCIAttrSet(d->svc, OCI_HTYPE_SVCCTX, trans, 0, OCI_ATTR_TRANS, d->err); + r = OCIAttrSet(d->svc, OCI_HTYPE_SVCCTX, d->trans, 0, OCI_ATTR_TRANS, d->err); if (r == OCI_SUCCESS) { if (user.isEmpty() && password.isEmpty()) @@ -2314,12 +2316,18 @@ bool QOCIDriver::open(const QString & db, if (r != OCI_SUCCESS) { setLastError(qMakeError(tr("Unable to logon"), QSqlError::ConnectionError, d->err)); setOpenError(true); + if (d->trans) + OCIHandleFree(d->trans, OCI_HTYPE_TRANS); + d->trans = nullptr; if (d->authp) OCIHandleFree(d->authp, OCI_HTYPE_SESSION); - d->authp = 0; + d->authp = nullptr; + if (d->svc) + OCIHandleFree(d->svc, OCI_HTYPE_SVCCTX); + d->svc = nullptr; if (d->srvhp) OCIHandleFree(d->srvhp, OCI_HTYPE_SERVER); - d->srvhp = 0; + d->srvhp = nullptr; return false; } @@ -2359,12 +2367,14 @@ void QOCIDriver::close() OCISessionEnd(d->svc, d->err, d->authp, OCI_DEFAULT); OCIServerDetach(d->srvhp, d->err, OCI_DEFAULT); + OCIHandleFree(d->trans, OCI_HTYPE_TRANS); + d->trans = nullptr; OCIHandleFree(d->authp, OCI_HTYPE_SESSION); - d->authp = 0; - OCIHandleFree(d->srvhp, OCI_HTYPE_SERVER); - d->srvhp = 0; + d->authp = nullptr; OCIHandleFree(d->svc, OCI_HTYPE_SVCCTX); - d->svc = 0; + d->svc = nullptr; + OCIHandleFree(d->srvhp, OCI_HTYPE_SERVER); + d->srvhp = nullptr; setOpen(false); setOpenError(false); }