On Mon, Apr 14, 2025 at 15:02:35 +0300, Alexander Kuznetsov wrote: While this fixes this case originally virNWFilterInstReset could be called multiple times. This was broken by commit bb4e0596d91, which replaced VIR_FREE (which clears pointers) to g_free which doesn't in code paths which do not free the cleared object. virNWFilterInstReset needs to use g_clear_pointer(..., g_free) instead.

virNWFilterInstReset() may be called multiple times, leading to a double g_free() Replace plain g_free() with g_clear_pointer() to prevent this Found by Linux Verification Center (linuxtesting.org) with Svace. Reported-by: Dmitry Fedin <d.fedin(a)fobos-nt.ru&gt; Signed-off-by: Alexander Kuznetsov <kuznetsovam(a)altlinux.org&gt; --- src/nwfilter/nwfilter_gentech_driver.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/nwfilter/nwfilter_gentech_driver.c b/src/nwfilter/nwfilter_gentech_driver.c index f7a909bdc0..7462b84f88 100644 --- a/src/nwfilter/nwfilter_gentech_driver.c +++ b/src/nwfilter/nwfilter_gentech_driver.c @@ -203,12 +203,12 @@ virNWFilterInstReset(virNWFilterInst *inst) for (i = 0; i < inst->nfilters; i++) virNWFilterObjUnlock(inst->filters[i]); - g_free(inst->filters); + g_clear_pointer(inst->filters, g_free); inst->nfilters = 0; for (i = 0; i < inst->nrules; i++) virNWFilterRuleInstFree(inst->rules[i]); - g_free(inst->rules); + g_clear_pointer(inst->rules, g_free); inst->nrules = 0; } -- 2.42.4