[libvirt] [PATCH] conf: prevent NULL pointer access in virSecurityLabelDefsParseXML
When checking for seclabels without security models, def->nseclabels is already set to n. In the case of an error def->seclabels is freed but nseclabels is left untouched. This leads to a segmentation fault when def is freed in virDomainDefParseXML. --- src/conf/domain_conf.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 82ccf4d..c02d6f8 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -3179,6 +3179,7 @@ error: virSecurityLabelDefFree(def->seclabels[i - 1]); } VIR_FREE(def->seclabels); + def->nseclabels = 0; VIR_FREE(list); return -1; } -- 1.7.8.6
On 08/27/12 14:51, Ján Tomko wrote:
When checking for seclabels without security models, def->nseclabels is already set to n. In the case of an error def->seclabels is freed but nseclabels is left untouched. This leads to a segmentation fault when def is freed in virDomainDefParseXML. --- src/conf/domain_conf.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-)
ACK && pushed. Peter
participants (2)
-
Ján Tomko -
Peter Krempa