Re: [libvirt] [PATCH 1/2] bhyve: fix crash in bhyveBuildNetArgStr

On 06/13/2014 10:48 AM, Roman Bogorodskiy wrote: > bhyveBuildNetArgStr() calls virNetDevTapCreateInBridgePort() and > passes tapfd = NULL, but tapfdSize = 1. That is wrong, because > if virNetDevTapCreateInBridgePort() crashes after successfully > creating a TAP device, it'll jump to 'error' label, that > loops over tapfd and calls VIR_FORCE_CLOSE: > > for (i = 0; i < tapfdSize && tapfd[i] >= 0; i++) > > In that case we get a segfault. > > As the bhyve code doesn't use tapfd, pass NULL and set tapfdSize to 0. > --- > src/bhyve/bhyve_command.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) ACK.