[libvirt] [PATCH] qemu: fix crash with shared disks
Ján Tomko
jtomko at redhat.com
Thu Sep 18 07:10:24 UTC 2014
On 09/17/2014 11:05 PM, John Ferlan wrote:
> On 09/17/2014 06:45 AM, Ján Tomko wrote:
>> Commit f36a94f introduced a double free on all success paths
>> in qemuSharedDeviceEntryInsert.
>>
>> Only call qemuSharedDeviceEntryFree on the error path and
>> set entry to NULL before jumping there if the entry already
>> is in the hash table.
>>
>> https://bugzilla.redhat.com/show_bug.cgi?id=1142722
>> ---
>> src/qemu/qemu_conf.c | 26 ++++++++++++--------------
>> 1 file changed, 12 insertions(+), 14 deletions(-)
>>
...
>> + entry = NULL;
>
> [1] Assigning to NULL causes an issue
>
>> + goto error;
>> + }
>> }
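Review bot: the `entry = NULL;` ahead of `goto error;` is the only thing that keeps the `error:` path from freeing an entry the hash table still holds, and nothing at that line says so. A short comment there, for example "entry is owned by the hash table, do not free it", would keep a later cleanup from dropping the assignment and bringing the double free back.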
...
>> + return 0;
>>
>> - cleanup:
>> + error:
>> qemuSharedDeviceEntryFree(entry, NULL);
> [1]
> Because this is prototyped as:
>
> void qemuSharedDeviceEntryFree(void *payload, const void *name)
> ATTRIBUTE_NONNULL(1);
>
> Coverity gives us a warning when entry = NULL...
>
> It's solvable by either allowing NULL for the function or only calling
> if (entry)
>
> ACK as long as we handle in some manner.
I removed the ATTRIBUTE_NONNULL as the function already handles NULL and
pushed the patch.
Jan
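
Added example, not part of this thread and not libvirt code: a stand-alone C illustration of the ownership rule the patch restores, where the free happens only on the error path, the pointer is set to NULL when the table already owns the entry, and the free function accepts NULL. All names (shared_insert, entry_free, find_slot, max_refs, the fixed-size table) are hypothetical.

```c
/* Added illustration, not libvirt code; every name here is hypothetical. */
#include <stdlib.h>
#include <string.h>
#define SLOTS 2
struct entry { char key[32]; int refs; };
static struct entry *table[SLOTS];  /* the table owns every entry it stores */
static int frees;                   /* counts real frees so they can be checked */

/* Accepts NULL (free(NULL) is a no-op), so the error path can call it blindly. */
static void entry_free(struct entry *e)
{
    frees += (e != NULL);
    free(e);
}

/* Index of the slot holding key, or of an empty slot if key is NULL; -1 if none. */
static int find_slot(const char *key)
{
    for (int i = 0; i < SLOTS; i++)
        if (key ? (table[i] && !strcmp(table[i]->key, key)) : !table[i])
            return i;
    return -1;
}

/* Returns 0 on success, -1 on error. max_refs is a constructed failure trigger. */
int shared_insert(const char *key, int max_refs)
{
    int i = find_slot(key);
    struct entry *entry = i >= 0 ? table[i] : NULL;
    if (entry) {                    /* already in the table */
        if (entry->refs >= max_refs) {
            entry = NULL;           /* table still owns it: do not free */
            goto error;
        }
        entry->refs++;
        return 0;
    }
    if (!(entry = calloc(1, sizeof(*entry))))
        goto error;
    strncpy(entry->key, key, sizeof(entry->key) - 1);
    entry->refs = 1;
    if ((i = find_slot(NULL)) < 0)
        goto error;                 /* never stored: still ours to free */
    table[i] = entry;               /* ownership moves to the table */
    return 0;                       /* success path frees nothing */
 error:
    entry_free(entry);
    return -1;
}
```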