On Sun, Jan 03, 2010 at 08:33:03PM +0100, Matthias Bolte wrote:

This invalid free results in heap corruption. Some symptoms I saw because of this were libvirtd crashing and virt-manager hanging while trying to enumerate devices. --- src/node_device/node_device_driver.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/node_device/node_device_driver.c b/src/node_device/node_device_driver.c index ecbac0f..fbadfca 100644 --- a/src/node_device/node_device_driver.c +++ b/src/node_device/node_device_driver.c @@ -78,7 +78,7 @@ static int update_driver_name(virConnectPtr conn, virNodeDeviceObjPtr dev) { char *driver_link = NULL; - char *devpath; + char *devpath = NULL; char *p; int ret = -1;

@@ -114,7 +114,7 @@ static int update_driver_name(virConnectPtr conn,

cleanup: VIR_FREE(driver_link); - free(devpath); + VIR_FREE(devpath); return ret; } #else

ACK, thanks :-) Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ daniel@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/