[libvirt] [PATCH 07/23] Fix crash on OOM parsing storage pool XML

From: "Daniel P. Berrange" <berrange(a)redhat.com&gt; The virStoragePoolDefParseSource method would set def->nhosts before allocating def->hosts. If the allocation failed due to OOM, the cleanup code would crash accessing out of bounds. Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; --- src/conf/storage_conf.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/conf/storage_conf.c b/src/conf/storage_conf.c index 002663f..975e662 100644 --- a/src/conf/storage_conf.c +++ b/src/conf/storage_conf.c @@ -594,11 +594,11 @@ virStoragePoolDefParseSource(xmlXPathContextPtr ctxt, if ((n = virXPathNodeSet("./host", ctxt, &nodeset)) < 0) goto cleanup; - source->nhost = n; - if (source->nhost) { - if (VIR_ALLOC_N(source->hosts, source->nhost) < 0) + if (n) { + if (VIR_ALLOC_N(source->hosts, n) < 0) goto cleanup; + source->nhost = n; for (i = 0; i < source->nhost; i++) { name = virXMLPropString(nodeset[i], "name"); -- 1.8.3.1