> This series is not safe - it introduces an invalid free in the XML
> parser, giving the user with a read-write connection a possibility to crash
> libvirtd before we get to the ACL checks.
>
Based on the lack of details, I assume you may be referring to:
@@ -11327,6 +11327,7 @@ virDomainMemballoonDefParseXML(xmlNodePtr node,
unsigned int flags)
{
char *model;
+ char *deflate;
virDomainMemballoonDefPtr def;
Where deflate should be set to NULL. I don't have the time/desire to
chase down empirical evidence, but from memory this is not the first
time a missed initialization such as this has occurred during a freeze.
Simple enough adjustment.
John
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list