[libvirt] [PATCH] qemu: Avoid dereference of NULL pointer

If something fails while initializing qemu job object in qemuDomainObjPrivateAlloc(), memory to the private pointer is freed, but after that, the pointer is still dereferenced, which may result in a segfault. * qemuDomainObjPrivateAlloc() - Don't dereference NULL pointer. --- I added the label and jump with future expansions in mind, as I've found this bug while modifying said function. src/qemu/qemu_domain.c | 6 +++++- 1 files changed, 5 insertions(+), 1 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 3e755d7..d33d1d9 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -214,11 +214,15 @@ static void *qemuDomainObjPrivateAlloc(void) return NULL; if (qemuDomainObjInitJob(priv) < 0) - VIR_FREE(priv); + goto error; priv->migMaxBandwidth = QEMU_DOMAIN_DEFAULT_MIG_BANDWIDTH_MAX; return priv; + +error: + VIR_FREE(priv); + return NULL; } static void qemuDomainObjPrivateFree(void *data) -- 1.7.3.4
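Review bot: the new `error:` label in this hunk only does `VIR_FREE(priv)`, so it relies on qemuDomainObjInitJob() leaving nothing to release when it returns < 0; since the label is explicitly being added so that further initialization steps can be placed between the job init and `return priv`, any such step that fails will need the job state torn down before the free, so either say in the commit message that the job cleanup is to be added with the first such step or add it to the label now. The fix itself is right: VIR_FREE() resets priv to NULL, so the old code's `priv->migMaxBandwidth = QEMU_DOMAIN_DEFAULT_MIG_BANDWIDTH_MAX;` after the failed init dereferenced a NULL pointer on the error path.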

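The bug and its fix, as an added example that is not libvirt code: a stand-in allocator with the pre-patch shape (free, then dereference) beside the post-patch shape (one cleanup label), extended with a second initialization step to show what the "future expansions" the author mentions look like. All names here (XFREE, priv_t, job_init, priv_alloc, the fail_* injection flags) are hypothetical; XFREE only mirrors the one property of VIR_FREE() the bug depends on, namely that it sets the pointer variable to NULL.

```c
#include <stdlib.h>

/* Added example, not libvirt code. XFREE() mirrors what libvirt's VIR_FREE()
 * does: free the memory and set the pointer variable to NULL, which is why
 * the original bug was a NULL dereference rather than a use-after-free. */
#define XFREE(p) do { free(p); (p) = NULL; } while (0)

#define DEFAULT_MIG_BANDWIDTH_MAX 32UL

/* Constructed stand-in for the per-domain private data (hypothetical layout). */
typedef struct {
    int job_initialized;
    char *scratch;              /* second resource, to show why one label pays off */
    unsigned long mig_max_bandwidth;
} priv_t;

/* Failure-injection knobs so the error paths can be exercised without crashing. */
int fail_job_init = 0;
int fail_scratch_alloc = 0;

/* Stand-in for qemuDomainObjInitJob(): on failure nothing is left to undo. */
static int job_init(priv_t *priv)
{
    if (fail_job_init)
        return -1;
    priv->job_initialized = 1;
    return 0;
}

static void job_free(priv_t *priv)
{
    priv->job_initialized = 0;
}

/* Shape of the code before the patch: the pointer is freed (and NULLed) on
 * failure, then dereferenced anyway. Kept only for comparison; calling it with
 * fail_job_init set crashes. */
priv_t *priv_alloc_buggy(void)
{
    priv_t *priv = calloc(1, sizeof(*priv));
    if (!priv)
        return NULL;
    if (job_init(priv) < 0)
        XFREE(priv);                                        /* priv is NULL from here on */
    priv->mig_max_bandwidth = DEFAULT_MIG_BANDWIDTH_MAX;    /* NULL deref on the error path */
    return priv;
}

/* Shape of the code after the patch, plus one more fallible step: every failure
 * after the allocation jumps to a single label that releases what was set up. */
priv_t *priv_alloc(void)
{
    priv_t *priv = calloc(1, sizeof(*priv));
    if (!priv)
        return NULL;

    if (job_init(priv) < 0)
        goto error;

    priv->scratch = fail_scratch_alloc ? NULL : calloc(16, 1);
    if (!priv->scratch)
        goto error;

    priv->mig_max_bandwidth = DEFAULT_MIG_BANDWIDTH_MAX;
    return priv;

error:
    /* Undo in reverse order; each step is harmless if it never ran. */
    XFREE(priv->scratch);
    job_free(priv);
    XFREE(priv);
    return NULL;
}

void priv_free(priv_t *priv)
{
    if (!priv)
        return;
    XFREE(priv->scratch);
    job_free(priv);
    free(priv);
}

/* Returns 0 when the success path and both failure paths behave as intended. */
int priv_alloc_selftest(void)
{
    priv_t *p;

    fail_job_init = fail_scratch_alloc = 0;
    p = priv_alloc();
    if (!p || !p->job_initialized || !p->scratch ||
        p->mig_max_bandwidth != DEFAULT_MIG_BANDWIDTH_MAX)
        return 1;
    priv_free(p);

    fail_job_init = 1;
    if (priv_alloc() != NULL)       /* priv_alloc_buggy() would segfault here */
        return 2;
    fail_job_init = 0;

    fail_scratch_alloc = 1;
    if (priv_alloc() != NULL)       /* label also has to undo the job init */
        return 3;
    fail_scratch_alloc = 0;
    return 0;
}
```

The second step is what makes the label worth having over an inline `VIR_FREE(priv); return NULL;`: once two resources exist, every later failure point needs the same reverse-order teardown, and a single label keeps that in one place instead of duplicating it at each `goto`.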
On Wed, Nov 23, 2011 at 15:58:10 +0100, Peter Krempa wrote:
> If something fails while initializing qemu job object in qemuDomainObjPrivateAlloc(), memory to the private pointer is freed, but after that, the pointer is still dereferenced, which may result in a segfault.
>
> * qemuDomainObjPrivateAlloc() - Don't dereference NULL pointer.
> ---
> I added the label and jump with future expansions in mind, as I've found this bug while modifying said function.
>
> src/qemu/qemu_domain.c | 6 +++++-
> 1 files changed, 5 insertions(+), 1 deletions(-)
ACK

Jirka
participants (2)
- Jiri Denemark
- Peter Krempa