1:15 a.m.
Hi, all.
There is a case of a NULL dereference in function remoteDomainEventQueueFlush()
in remote_driver.c
In the case of local connection conn->privateData->domainEvents isn't reserved.
In this case it will occurs segment fault.
(for example examples/domain-events/events-c/event-test.c)
I think the following patch will be available.
Thanks.
---
src/remote/remote_driver.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
index d6f5fce..b112fd3 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@@ -8709,7 +8709,7 @@ void
remoteDomainEventQueueFlush(int timer ATTRIBUTE_UNUSED, void *opaque)
{
virConnectPtr conn = opaque;
- struct private_data *priv = conn->privateData;
+ struct private_data *priv = conn->networkPrivateData;
virDomainEventQueue tempQueue;
remoteDriverLock(priv);
--
1.5.6.1
--
kakuma <f-kak(a)ksh.biglobe.ne.jp>
2:39 a.m.
2010/1/12 kakuma <f-kak(a)ksh.biglobe.ne.jp>:
Hi, all.
There is a case of a NULL dereference in function remoteDomainEventQueueFlush()
in remote_driver.c
In the case of local connection conn->privateData->domainEvents isn't
reserved.
In this case it will occurs segment fault.
(for example examples/domain-events/events-c/event-test.c)
I think the following patch will be available.
Thanks.
---
src/remote/remote_driver.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
index d6f5fce..b112fd3 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@@ -8709,7 +8709,7 @@ void
remoteDomainEventQueueFlush(int timer ATTRIBUTE_UNUSED, void *opaque)
{
virConnectPtr conn = opaque;
- struct private_data *priv = conn->privateData;
+ struct private_data *priv = conn->networkPrivateData;
virDomainEventQueue tempQueue;
remoteDriverLock(priv);
--
1.5.6.1
--
kakuma <f-kak(a)ksh.biglobe.ne.jp>
NACK.
Actually this is a workaround for the segfault. I prefer a proper fix.
I haven't understood yet how the event-test causes a segfault here,
but the event-test code itself is broken for multiple added event
handles. In contrast the Python event-test handles multiple added
event handles properly and doesn't trigger this segfault.
Matthias
4:55 a.m.
On Tue, 12 Jan 2010 02:39:58 +0100
Matthias Bolte <matthias.bolte(a)googlemail.com> wrote:
2010/1/12 kakuma <f-kak(a)ksh.biglobe.ne.jp>:
> Hi, all.
>
> There is a case of a NULL dereference in function remoteDomainEventQueueFlush()
> in remote_driver.c
> In the case of local connection conn->privateData->domainEvents isn't
reserved.
> In this case it will occurs segment fault.
> (for example examples/domain-events/events-c/event-test.c)
> I think the following patch will be available.
>
> Thanks.
>
> ---
> ?src/remote/remote_driver.c | ? ?2 +-
> ?1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
> index d6f5fce..b112fd3 100644
> --- a/src/remote/remote_driver.c
> +++ b/src/remote/remote_driver.c
> @@ -8709,7 +8709,7 @@ void
> ?remoteDomainEventQueueFlush(int timer ATTRIBUTE_UNUSED, void *opaque)
> ?{
> ? ? virConnectPtr conn = opaque;
> - ? ?struct private_data *priv = conn->privateData;
> + ? ?struct private_data *priv = conn->networkPrivateData;
> ? ? virDomainEventQueue tempQueue;
>
> ? ? remoteDriverLock(priv);
> --
> 1.5.6.1
>
> --
> kakuma <f-kak(a)ksh.biglobe.ne.jp>
>
NACK.
Actually this is a workaround for the segfault. I prefer a proper fix.
I haven't understood yet how the event-test causes a segfault here,
but the event-test code itself is broken for multiple added event
handles. In contrast the Python event-test handles multiple added
event handles properly and doesn't trigger this segfault.
Matthias
Thank you for your reply. OK. I will expect your fix.
Thanks.
--
kakuma <f-kak(a)ksh.biglobe.ne.jp>
5365
days inactive
5365
days old
2 comments
2 participants
participants (2)
-
kakuma -
Matthias Bolte