Imagine that this function is called twice over the same disk source. While in the first run all allocated memory is freed, not all pointers are set to NULL (e.g. def->srcpool). So when called again, these pointers are freed again, resulting in a double free. Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx> --- src/util/virstoragefile.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c index 22cdb83..57a298f 100644 --- a/src/util/virstoragefile.c +++ b/src/util/virstoragefile.c @@ -2238,6 +2238,8 @@ virStorageSourceClear(virStorageSourcePtr def) VIR_FREE(def->nodeformat); virStorageSourceBackingStoreClear(def); + + memset(def, 0, sizeof(*def)); } -- 2.10.2 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
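
Review bot: The memset(def, 0, sizeof(*def)) added as the last statement of virStorageSourceClear() zeroes every member of the structure, not only the stale pointers the commit message is about (def->srcpool is the one it names). This stops the second free, but it also resets all non-pointer members, and it would turn any member that the lines above forget to release into a silent leak rather than a visible double free. Please add a short comment above the memset stating that the whole structure is deliberately returned to its zero-initialised state so that a repeated call is a no-op, and confirm that each pointer member is released before this line. It would also be worth setting def->srcpool to NULL at the point where it is freed, so that the function does not depend on the final memset alone.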