9:27 p.m.
Hi guys,
while doing some random tests using the ESX driver, I faced a crash, and these
two patches are trying to solve. I don't know if there is a better way to solve
it, since ESX driver *generated* code to alloc and free some *generated*
structs, but, please let me know if you have a better idea.
Thanks,
Marcos Paulo de Souza (2):
esx: Do not crash SetAutoStart by double free
esx: Fix SetAutoStart invalid pointer free
src/esx/esx_driver.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
--
2.17.1
9:27 p.m.
New subject: [libvirt] [PATCH 1/2] esx: Do not crash SetAutoStart by double free
SetAutoStart method cannot free virtualMachine using
esxVI_ObjectContent_Free, since:
esxVI_HostAutoStartManagerConfig_Free
-> esxVI_AutoStartPowerInfo_Free
-> esxVI_ManagedObjectReference_Free(item->key);
item->key, in this context, is virtualMachine->obj, so calling
esxVI_ObjectContent_Free creates a double free, becasuse
esxVI_ObjectContent_Free also calls esxVI_ManagedObjectReference_Free(&item->obj).
Removing the esxVI_ObjectContent_Free from SetAutoStart fixes this
problem.
Signed-off-by: Marcos Paulo de Souza <marcos.souza.org(a)gmail.com>
---
src/esx/esx_driver.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c
index cee98ebcaf..3835e4cb3c 100644
--- a/src/esx/esx_driver.c
+++ b/src/esx/esx_driver.c
@@ -3421,7 +3421,9 @@ esxDomainSetAutostart(virDomainPtr domain, int autostart)
newPowerInfo->stopAction = NULL;
}
- esxVI_ObjectContent_Free(&virtualMachine);
+ /* HostAutoStartManagerConfig free method will call autoStartPowerInfoFree
+ * in order to free virtualMachine, since newPowerInfo-> key points to
+ * virtualMachine */
esxVI_HostAutoStartManagerConfig_Free(&spec);
esxVI_AutoStartDefaults_Free(&defaults);
esxVI_AutoStartPowerInfo_Free(&powerInfoList);
--
2.17.1
9:27 p.m.
New subject: [libvirt] [PATCH 2/2] esx: Fix SetAutoStart invalid pointer free
esxVI_AutoStartPowerInfo_Free, which is called from
esxVI_HostAutoStartManagerConfig_Free, will always call VIR_FREE to free
memory from {start,stop}Action, leading to a invalid pointer.
With this patch applied, ESX can set autostart successfully to all it's
domains.
Signed-off-by: Marcos Paulo de Souza <marcos.souza.org(a)gmail.com>
---
src/esx/esx_driver.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c
index 3835e4cb3c..a49862a1de 100644
--- a/src/esx/esx_driver.c
+++ b/src/esx/esx_driver.c
@@ -3386,7 +3386,9 @@ esxDomainSetAutostart(virDomainPtr domain, int autostart)
if (esxVI_AutoStartPowerInfo_Alloc(&newPowerInfo) < 0 ||
esxVI_Int_Alloc(&newPowerInfo->startOrder) < 0 ||
esxVI_Int_Alloc(&newPowerInfo->startDelay) < 0 ||
- esxVI_Int_Alloc(&newPowerInfo->stopDelay) < 0) {
+ esxVI_Int_Alloc(&newPowerInfo->stopDelay) < 0 ||
+ VIR_ALLOC_N(newPowerInfo->startAction, 8) < 0 ||
+ VIR_ALLOC_N(newPowerInfo->stopAction, 5) < 0) {
goto cleanup;
}
@@ -3394,9 +3396,9 @@ esxDomainSetAutostart(virDomainPtr domain, int autostart)
newPowerInfo->startOrder->value = -1; /* no specific start order */
newPowerInfo->startDelay->value = -1; /* use system default */
newPowerInfo->waitForHeartbeat =
esxVI_AutoStartWaitHeartbeatSetting_SystemDefault;
- newPowerInfo->startAction = autostart ? (char *)"powerOn" : (char
*)"none";
+ strcpy(newPowerInfo->startAction, autostart ? (char *)"powerOn" : (char
*)"none");
newPowerInfo->stopDelay->value = -1; /* use system default */
- newPowerInfo->stopAction = (char *)"none";
+ strcpy(newPowerInfo->stopAction, (char *)"none");
if (esxVI_AutoStartPowerInfo_AppendToList(&spec->powerInfo,
newPowerInfo) < 0) {
--
2.17.1
3:38 a.m.
New subject: [libvirt] [PATCH 2/2] esx: Fix SetAutoStart invalid pointer free
On Wed, Aug 1, 2018 at 10:27 AM, Marcos Paulo de Souza <
marcos.souza.org(a)gmail.com> wrote:
esxVI_AutoStartPowerInfo_Free, which is called from
esxVI_HostAutoStartManagerConfig_Free, will always call VIR_FREE to free
memory from {start,stop}Action, leading to a invalid pointer.
With this patch applied, ESX can set autostart successfully to all it's
domains.
Signed-off-by: Marcos Paulo de Souza <marcos.souza.org(a)gmail.com>
---
src/esx/esx_driver.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c
index 3835e4cb3c..a49862a1de 100644
--- a/src/esx/esx_driver.c
+++ b/src/esx/esx_driver.c
@@ -3386,7 +3386,9 @@ esxDomainSetAutostart(virDomainPtr domain, int
autostart)
if (esxVI_AutoStartPowerInfo_Alloc(&newPowerInfo) < 0 ||
esxVI_Int_Alloc(&newPowerInfo->startOrder) < 0 ||
esxVI_Int_Alloc(&newPowerInfo->startDelay) < 0 ||
- esxVI_Int_Alloc(&newPowerInfo->stopDelay) < 0) {
+ esxVI_Int_Alloc(&newPowerInfo->stopDelay) < 0 ||
+ VIR_ALLOC_N(newPowerInfo->startAction, 8) < 0 ||
+ VIR_ALLOC_N(newPowerInfo->stopAction, 5) < 0) {
goto cleanup;
}
@@ -3394,9 +3396,9 @@ esxDomainSetAutostart(virDomainPtr domain, int
autostart)
newPowerInfo->startOrder->value = -1; /* no specific start order */
newPowerInfo->startDelay->value = -1; /* use system default */
newPowerInfo->waitForHeartbeat = esxVI_AutoStartWaitHeartbeatSe
tting_SystemDefault;
- newPowerInfo->startAction = autostart ? (char *)"powerOn" : (char
*)"none";
+ strcpy(newPowerInfo->startAction, autostart ? (char *)"powerOn" :
(char *)"none");
Please use virStrcpyStatic, seeing https://libvirt.org/hacking.
html#string_copying
newPowerInfo->stopDelay->value = -1; /* use system default
*/
- newPowerInfo->stopAction = (char *)"none";
+ strcpy(newPowerInfo->stopAction, (char *)"none");
The same here
if
(esxVI_AutoStartPowerInfo_AppendToList(&spec->powerInfo,
newPowerInfo) < 0) {
--
2.17.1
--
libvir-list mailing list
libvir-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
--
Best regards,
-----------------------------------
Han Han
Quality Engineer
Redhat.
Email: hhan(a)redhat.com
Phone: +861065339333
2305
days inactive
2305
days old
3 comments
2 participants
participants (2)
-
Han Han -
Marcos Paulo de Souza