[libvirt] [PATCH] Fix crash in virNetDevGetVirtualFunctions
Eric Blake
eblake at redhat.com
Tue Apr 9 18:21:18 UTC 2013
On 04/09/2013 12:15 PM, Laine Stump wrote:
> Commit 9a3ff01d7f16cc280ce3176620c0714f55511a65 (which was ACKed at
> the end of January, but for some reason didn't get pushed until during
> the 1.0.4 freeze) fixed the logic in virPCIGetVirtualFunctions().
> Unfortunately, a typo in the fix (replacing VIR_REALLOC_N with
> VIR_ALLOC_N during code movement) caused not only a memory leak, but
> also resulted in most of the elements of the result array being
> replaced with NULL. virNetDevGetVirtualFunctions() assumed (and I think
> rightly so) that virPCIGetVirtualFunctions() wouldn't return any NULL
> elements in the array, so it ended up segfaulting.
What a difference two characters makes.
> src/util/virpci.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/src/util/virpci.c b/src/util/virpci.c
> index a0da1cd..85cd694 100644
> --- a/src/util/virpci.c
> +++ b/src/util/virpci.c
> @@ -2026,8 +2026,8 @@ virPCIGetVirtualFunctions(const char *sysfs_path,
> continue;
> }
>
> - if (VIR_ALLOC_N(*virtual_functions,
> - *num_virtual_functions + 1) < 0) {
> + if (VIR_REALLOC_N(*virtual_functions,
> + *num_virtual_functions + 1) < 0) {
> virReportOOMError();
ACK.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 621 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20130409/a4231118/attachment-0001.sig>
More information about the libvir-list
mailing list