fix: minor memory bugs

Signed-off-by: William Henderson <[email protected]>
nutanix · Sep 18, 2023 · b88cdd2 · b88cdd2
1 parent 190f85b
commit b88cdd2
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 10 deletions.
diff --git a/lib/libvfio-user.c b/lib/libvfio-user.c
@@ -105,7 +105,6 @@ dev_get_caps(vfu_ctx_t *vfu_ctx, vfu_reg_info_t *vfu_reg,
              struct vfio_region_info *vfio_reg, int **fds, size_t *nr_fds)
 {
     struct vfio_info_cap_header *header;
-    struct vfio_region_info_cap_type *type = NULL;
     struct vfio_region_info_cap_sparse_mmap *sparse = NULL;
 
     assert(vfu_ctx != NULL);
@@ -117,13 +116,8 @@ dev_get_caps(vfu_ctx_t *vfu_ctx, vfu_reg_info_t *vfu_reg,
 
     if (vfu_reg->mmap_areas != NULL) {
         int i, nr_mmap_areas = vfu_reg->nr_mmap_areas;
-        if (type != NULL) {
-            type->header.next = vfio_reg->cap_offset + sizeof(struct vfio_region_info_cap_type);
-            sparse = (struct vfio_region_info_cap_sparse_mmap*)(type + 1);
-        } else {
-            vfio_reg->cap_offset = sizeof(struct vfio_region_info);
-            sparse = (struct vfio_region_info_cap_sparse_mmap*)header;
-        }
+        vfio_reg->cap_offset = sizeof(struct vfio_region_info);
+        sparse = (struct vfio_region_info_cap_sparse_mmap*)header;
 
         *fds = malloc(nr_mmap_areas * sizeof(int));
         if (*fds == NULL) {

diff --git a/samples/server.c b/samples/server.c
@@ -391,7 +391,7 @@ migration_read_data(vfu_ctx_t *vfu_ctx, void *buf, uint64_t size)
     if (read_end > server_data->bar1_size) {
         length_in_bar0 = read_end - read_start;
         read_start -= server_data->bar1_size;
-        memcpy(buf + length_in_bar1, &server_data->bar0 + read_start,
+        memcpy(buf + length_in_bar1, (char *)&server_data->bar0 + read_start,
                length_in_bar0);
     }
 
@@ -435,7 +435,7 @@ migration_write_data(vfu_ctx_t *vfu_ctx, void *data, uint64_t size)
     if (write_end > server_data->bar1_size) {
         length_in_bar0 = write_end - write_start;
         write_start -= server_data->bar1_size;
-        memcpy(&server_data->bar0 + write_start, buf + length_in_bar1,
+        memcpy((char *)&server_data->bar0 + write_start, buf + length_in_bar1,
                length_in_bar0);
     }