Re: [libvirt] [PATCHv3 0/3] 'autodeflate' attribute for mememory balloon
This series is not safe - it introduces an invalid free in the XML
parser, giving the user with a read-write connection a possibility to crash
libvirtd before we get to the ACL checks.
Based on the lack of details, I assume you may be referring to:
@@ -11327,6 +11327,7 @@ virDomainMemballoonDefParseXML(xmlNodePtr node,
unsigned int flags)
{
char *model;
+ char *deflate;
virDomainMemballoonDefPtr def;
Where deflate should be set to NULL. I don't have the time/desire to
chase down empirical evidence, but from memory this is not the first
time a missed initialization such as this has occurred during a freeze.
Simple enough adjustment.
John