On 09/17/2014 11:05 PM, John Ferlan wrote:
> On 09/17/2014 06:45 AM, Ján Tomko wrote:
>> Commit f36a94f introduced a double free on all success paths
>> in qemuSharedDeviceEntryInsert.
>>
>> Only call qemuSharedDeviceEntryFree on the error path and
>> set entry to NULL before jumping there if the entry already
>> is in the hash table.
>>
>> https://bugzilla.redhat.com/show_bug.cgi?id=1142722
>> ---
>> src/qemu/qemu_conf.c | 26 ++++++++++++--------------
>> 1 file changed, 12 insertions(+), 14 deletions(-)
>> ...
>> + entry = NULL;
>
> [1] Assigning to NULL causes an issue
>
>> + goto error;
>> + }
>> } ...
>> + return 0;
>>
>> - cleanup:
>> + error:
>> qemuSharedDeviceEntryFree(entry, NULL);
> [1]
> Because this is prototyped as:
>
> void qemuSharedDeviceEntryFree(void *payload, const void *name)
> ATTRIBUTE_NONNULL(1);
>
> Coverity gives us a warning when entry = NULL...
>
> It's solveable by either allowing NULL for the function or only calling
> if (entry)
>
> ACK as long as we handle in some manner.

I removed the ATTRIBUTE_NONNULL as the function already handles NULL and
pushed the patch.

Jan
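
Review bot: In the hunk that sets `entry = NULL;` before `goto error;`, the `error:` label then calls `qemuSharedDeviceEntryFree(entry, NULL)` with a NULL first argument while the prototype quoted in the thread is marked `ATTRIBUTE_NONNULL(1)`. If the annotation is dropped, as the reply says was done, a short comment at the prototype stating that a NULL payload is accepted would keep later callers and static analysis in agreement; the alternative is to guard the call with `if (entry)`.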