On Tue, Dec 15, 2009 at 04:19:23PM +0100, Jim Meyering wrote:
>
> "dom" is set to NULL within the while loop:
>
> virDomainObjUnlock(dom);
> dom = NULL;
>
> If on a subsequent iteration something fails,
> we goto "cleanup" or "no_memory", both of which
> have us run this code:
>
> fclose(fp);
> virDomainObjUnref(dom);
> return -1;
>
> And the virDomainObjUnref function would dereference "dom".
>
>
> >From 3971ff17c7e9f1ddbc443d48b86fe6ba60a2d4a0 Mon Sep 17 00:00:00 2001
> From: Jim Meyering <meyering@xxxxxxxxxx>
> Date: Tue, 15 Dec 2009 16:16:57 +0100
> Subject: [PATCH] openvz_conf.c: don't dereference NULL upon failure
>
> * src/openvz/openvz_conf.c (openvzLoadDomains): Avoid NULL deref
> of "dom".
> ---
> src/openvz/openvz_conf.c | 3 ++-
> 1 files changed, 2 insertions(+), 1 deletions(-)
>
> diff --git a/src/openvz/openvz_conf.c b/src/openvz/openvz_conf.c
> index 7e9abbf..43bbaf2 100644
> --- a/src/openvz/openvz_conf.c
> +++ b/src/openvz/openvz_conf.c
> @@ -535,7 +535,8 @@ int openvzLoadDomains(struct openvz_driver *driver) {
>
> cleanup:
> fclose(fp);
> - virDomainObjUnref(dom);
> + if (dom)
> + virDomainObjUnref(dom);
> return -1;
> }
>
> --
ACK
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list