On Mon, Apr 15, 2019 at 08:29:42PM +0200, Adrian Brzezinski wrote:
> Failed new gnutls context allocations in virNetTLSContextNew function
> results in double free and segfault. Occasional memory leaks may also
> occur.
>
> Signed-off-by: Adrian Brzezinski <redhat@xxxxxxx>
> ---
> src/rpc/virnettlscontext.c | 10 +++++++++-
> 1 file changed, 9 insertions(+), 1 deletion(-)
>
> diff --git a/src/rpc/virnettlscontext.c b/src/rpc/virnettlscontext.c
> index 72e9ed9..7b5d578 100644
> --- a/src/rpc/virnettlscontext.c
> +++ b/src/rpc/virnettlscontext.c
> @@ -707,6 +707,12 @@ static virNetTLSContextPtr virNetTLSContextNew(const char *cacert,
>
> err = gnutls_certificate_allocate_credentials(&ctxt->x509cred);
> if (err) {
> + /* gnutls_certificate_credentials_t is complex structure with multiple
> + * internal memory allocatons that can go wrong, so make sure that
> + * reference is NULL.
> + */
I changd this comment to
/* While gnutls_certificate_credentials_t will free any
* partially allocated credentials struct, it does not
* set the returned pointer back to NULL after it is
* freed in an error path.
*/
and then pushed the fix
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
