> This series is not safe - it introduces an invalid free in the XML > parser, giving the user with a read-write connection a possibility to crash > libvirtd before we get to the ACL checks. > Based on the lack of details, I assume you may be referring to: @@ -11327,6 +11327,7 @@ virDomainMemballoonDefParseXML(xmlNodePtr node, unsigned int flags) { char *model; + char *deflate; virDomainMemballoonDefPtr def; Where deflate should be set to NULL. I don't have the time/desire to chase down empirical evidence, but from memory this is not the first time a missed initialization such as this has occurred during a freeze. Simple enough adjustment. John -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list