vl: fix leak of qdict_crumple return value

Coverity reports that qemu_parse_config_group is returning without
unrefing the "crumpled" dictionary in case its top level item is a
list.  But actually the contract with qemu_record_config_group is
the same as for qemu_parse_config_group itself: if those function
need to stash the dictionary they get, they have to take a reference
themselves (currently this is never the case for either function).
Therefore, just add an unconditional qobject_unref(crumpled) to
qemu_parse_config_group.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

1 files changed, 9 insertions, 4 deletions

diff --git a/softmmu/vl.c b/softmmu/vl.c
index 2004d57108..4df1496101 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -2193,12 +2193,17 @@ static void qemu_parse_config_group(const char *group, QDict *qdict,
     if (!crumpled) {
         return;
     }
-    if (qobject_type(crumpled) != QTYPE_QDICT) {
-        assert(qobject_type(crumpled) == QTYPE_QLIST);
+    switch (qobject_type(crumpled)) {
+    case QTYPE_QDICT:
+        qemu_record_config_group(group, qobject_to(QDict, crumpled), false, errp);
+        break;
+    case QTYPE_QLIST:
         error_setg(errp, "Lists cannot be at top level of a configuration section");
-        return;
+        break;
+    default:
+        g_assert_not_reached();
     }
-    qemu_record_config_group(group, qobject_to(QDict, crumpled), false, errp);
+    qobject_unref(crumpled);
 }
 
 static void qemu_read_default_config_file(Error **errp)