[libvirt] [PATCH] domain_conf: fix possible memory leak

Until now, it was possible to crash libvirtd when defining domain with channel device with missing source element. When creating new virDomainChrDef, target.port is set to -1, but unfortunately it is an union with addresses that virDomainChrDefFree tries to free in case the deviceType is channel. Having the port set to -1 is intended, however the cleanest way to get around the problems with the crash seems to be renumbering the VIR_DOMAIN_CHR_CHANNEL_ target types to cover new NONE type (with value 0) being the default (no target type yet). --- src/conf/domain_conf.c | 1 + src/conf/domain_conf.h | 3 ++- 2 files changed, 3 insertions(+), 1 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 7bd61a5..41f22d2 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -307,6 +307,7 @@ VIR_ENUM_IMPL(virDomainNetInterfaceLinkState, VIR_DOMAIN_NET_INTERFACE_LINK_STAT VIR_ENUM_IMPL(virDomainChrChannelTarget, VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_LAST, + "none", "guestfwd", "virtio") diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index d627ad8..531176c 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -855,7 +855,8 @@ enum virDomainChrDeviceType { }; enum virDomainChrChannelTargetType { - VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_GUESTFWD = 0, + VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_NONE = 0, + VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_GUESTFWD, VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_VIRTIO, VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_LAST, -- 1.7.8.6