[libvirt] [PATCH 1/3] virStorageSourceClear: Don't leave dangling pointers behind

Michal Privoznik mprivozn at redhat.com
Wed Apr 5 08:50:53 UTC 2017


Imagine that this function is called twice over the same disk
source. While in the first run all allocated memory is freed, not
all pointers are set to NULL (e.g. def->srcpool). So when called
again, these pointers are freed again resulting in double free.

Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
---
 src/util/virstoragefile.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c
index 22cdb83..57a298f 100644
--- a/src/util/virstoragefile.c
+++ b/src/util/virstoragefile.c
@@ -2238,6 +2238,8 @@ virStorageSourceClear(virStorageSourcePtr def)
     VIR_FREE(def->nodeformat);
 
     virStorageSourceBackingStoreClear(def);
+
+    memset(def, 0, sizeof(*def));
 }
 
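Review bot: the memset at the end of virStorageSourceClear zeroes every field of *def, not only the pointers that were left dangling, so any plain-data member a caller expects to survive a clear (for example a type or format enum set before the source is repopulated) is silently reset as well; please confirm no caller relies on such a field persisting, and consider a short comment above the memset stating that the struct is deliberately returned to an all-zero state so that a repeated call is a no-op. With the memset in place the earlier `VIR_FREE(def->nodeformat);` only needs to free, since its NULL assignment is now redundant, which is harmless but worth noting in the commit message so nobody later "optimises" the memset away.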
 
-- 
2.10.2
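The double free the commit message describes, and the reason the memset makes a second call harmless, shown as an added stand-alone C example (this is not libvirt code; `DiskSource`, `SrcPool`, `clear_leaky_pointers` and `clear_idempotent` are constructed stand-ins that mirror only the shape of the real clear function):

```c
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for a disk-source struct: one plain-data field,
 * one owned string and one owned sub-object, i.e. the kinds of members a
 * clear function must release. Not libvirt's real virStorageSource. */
typedef struct {
    int id;
} SrcPool;

typedef struct {
    int type;          /* plain data, wiped by the memset on clear */
    char *nodeformat;  /* owned string, freed on clear */
    SrcPool *srcpool;  /* owned sub-object, freed on clear */
} DiskSource;

/* Heap copy of a string without relying on strdup being declared. */
static char *dup_str(const char *s)
{
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    if (p)
        memcpy(p, s, n);
    return p;
}

/* Pre-patch pattern: every allocation is freed, but only some pointers are
 * reset to NULL. srcpool is left dangling, so a second call would free it
 * again (double free). */
static void clear_leaky_pointers(DiskSource *def)
{
    if (!def)
        return;
    free(def->nodeformat);
    def->nodeformat = NULL;   /* VIR_FREE-style: free and NULL */
    free(def->srcpool);       /* freed, but the pointer is kept */
}

/* Post-patch pattern: free everything, then wipe the whole struct so that a
 * repeated call only ever sees NULL pointers (free(NULL) is a no-op). */
static void clear_idempotent(DiskSource *def)
{
    if (!def)
        return;
    free(def->nodeformat);
    free(def->srcpool);
    memset(def, 0, sizeof(*def));
}

/* Populate a source with heap-owned members (constructed sample values). */
static void disk_source_init(DiskSource *def, int type)
{
    def->type = type;
    def->nodeformat = dup_str("qcow2");
    def->srcpool = calloc(1, sizeof(*def->srcpool));
    if (def->srcpool)
        def->srcpool->id = 42;
}

/* Returns 1 when two consecutive idempotent clears leave every pointer NULL
 * and the struct fully zeroed, i.e. the clear is safe to repeat. */
int clear_twice_is_safe(void)
{
    DiskSource def;
    disk_source_init(&def, 7);
    clear_idempotent(&def);
    clear_idempotent(&def);   /* second call frees nothing and is harmless */
    return def.nodeformat == NULL && def.srcpool == NULL && def.type == 0;
}

/* Returns 1 when the old clear leaves srcpool non-NULL after a single call.
 * That non-NULL pointer is exactly the dangling reference the patch removes;
 * the old clear is deliberately not called twice here, since that would be
 * the double free itself. */
int old_clear_leaves_dangling(void)
{
    DiskSource def;
    disk_source_init(&def, 7);
    clear_leaky_pointers(&def);
    int dangling = (def.srcpool != NULL);
    def.srcpool = NULL;   /* reset by hand; the memory was already freed */
    return dangling;
}

int main(void)
{
    /* Exit status 0 only if the idempotent clear behaves as claimed and the
     * leaky clear really does leave a dangling pointer behind. */
    return (clear_twice_is_safe() && old_clear_leaves_dangling()) ? 0 : 1;
}
```

Running the idempotent variant under AddressSanitizer or valgrind with the clear called twice reports nothing, whereas calling the leaky variant twice would be reported as an invalid free; checking for a non-NULL pointer after a clear, as `old_clear_leaves_dangling` does, is the cheap static-shape test a reviewer can apply to any clear/free routine.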
