7:30 a.m.
We create a 'lease_new' when we are adding new lease entry, then later
in the code we add the 'lease_new' into a 'leases_array_new' which
leades into the creash because we double free the 'lease_new'.
To prevent the double free we set the 'lease_new' to NULL after
successful append into the 'leases_array_new'.
Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
---
src/network/leaseshelper.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/network/leaseshelper.c b/src/network/leaseshelper.c
index 69081c3..bf1842b 100644
--- a/src/network/leaseshelper.c
+++ b/src/network/leaseshelper.c
@@ -331,6 +331,7 @@ main(int argc, char **argv)
_("failed to create json"));
goto cleanup;
}
+ lease_new = NULL;
}
if (!(leases_str = virJSONValueToString(leases_array_new, true))) {
--
1.8.5.5
7:32 a.m.
On 16.6.2014 14:30, Pavel Hrdina wrote:
We create a 'lease_new' when we are adding new lease entry,
then later
in the code we add the 'lease_new' into a 'leases_array_new' which
leades into the creash because we double free the 'lease_new'.
To prevent the double free we set the 'lease_new' to NULL after
successful append into the 'leases_array_new'.
Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
---
s/creash/crash/ :)
7:39 a.m.
s/creash/crash/ in subject
On 06/16/14 14:30, Pavel Hrdina wrote:
We create a 'lease_new' when we are adding new lease entry,
then later
in the code we add the 'lease_new' into a 'leases_array_new' which
leades into the creash because we double free the 'lease_new'.
s/leades/leads/ s/creash/crash/
To prevent the double free we set the 'lease_new' to NULL after
successful append into the 'leases_array_new'.
Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
---
src/network/leaseshelper.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/network/leaseshelper.c b/src/network/leaseshelper.c
index 69081c3..bf1842b 100644
--- a/src/network/leaseshelper.c
+++ b/src/network/leaseshelper.c
@@ -331,6 +331,7 @@ main(int argc, char **argv)
_("failed to create json"));
goto cleanup;
}
+ lease_new = NULL;
}
if (!(leases_str = virJSONValueToString(leases_array_new, true))) {
ACK to this change (with the subject fixed), although there's yet
another problem in the leasehelper. I'll post a patch later today.
Peter
7:42 a.m.
On 16.6.2014 14:39, Peter Krempa wrote:
s/creash/crash/ in subject
On 06/16/14 14:30, Pavel Hrdina wrote:
> We create a 'lease_new' when we are adding new lease entry, then later
> in the code we add the 'lease_new' into a 'leases_array_new' which
> leades into the creash because we double free the 'lease_new'.
s/leades/leads/ s/creash/crash/
>
> To prevent the double free we set the 'lease_new' to NULL after
> successful append into the 'leases_array_new'.
>
> Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
> ---
> src/network/leaseshelper.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/src/network/leaseshelper.c b/src/network/leaseshelper.c
> index 69081c3..bf1842b 100644
> --- a/src/network/leaseshelper.c
> +++ b/src/network/leaseshelper.c
> @@ -331,6 +331,7 @@ main(int argc, char **argv)
> _("failed to create json"));
> goto cleanup;
> }
> + lease_new = NULL;
> }
>
> if (!(leases_str = virJSONValueToString(leases_array_new, true))) {
>
ACK to this change (with the subject fixed), although there's yet
another problem in the leasehelper. I'll post a patch later today.
Peter
Thanks, pushed
Pavel
3812
days inactive
3812
days old
3 comments
2 participants
participants (2)
-
Pavel Hrdina -
Peter Krempa