[libvirt] [PATCH 1/2] bhyve: fix crash in bhyveBuildNetArgStr
Roman Bogorodskiy
bogorodskiy at gmail.com
Fri Jun 13 17:55:25 UTC 2014
Eric Blake wrote:
> On 06/13/2014 10:48 AM, Roman Bogorodskiy wrote:
> > bhyveBuildNetArgStr() calls virNetDevTapCreateInBridgePort() and
> > passes tapfd = NULL, but tapfdSize = 1. That is wrong, because
> > if virNetDevTapCreateInBridgePort() crashes after successfully
> > creating a TAP device, it'll jump to 'error' label, that
> > loops over tapfd and calls VIR_FORCE_CLOSE:
> >
> > for (i = 0; i < tapfdSize && tapfd[i] >= 0; i++)
> >
> > In that case we get a segfault.
> >
> > As the bhyve code doesn't use tapfd, pass NULL and set tapfdSize to 0.
> > ---
> > src/bhyve/bhyve_command.c | 3 +--
> > 1 file changed, 1 insertion(+), 2 deletions(-)
>
> ACK.
Thanks; pushed.
Roman Bogorodskiy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20140613/ecc01ae1/attachment-0001.sig>
More information about the libvir-list
mailing list