[PATCH] qemu_conf: Fix double free problem for cfg->firmwares

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

cfg->firmwares still points to the original memory address after being
freed by virFirmwareFreeList(). As cfg get freed, it will be freed again
even if cfg->nfirmwares=0 which eventually lead to crash.

The patch fix it by setting cfg->firmwares to NULL explicitly after
virFirmwareFreeList() returns

Signed-off-by: Tuguoyi <tu.guoyi@xxxxxxx>
---
 src/qemu/qemu_conf.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index 83de26a..98593b5 100644
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -832,6 +832,7 @@ virQEMUDriverConfigLoadNVRAMEntry(virQEMUDriverConfigPtr cfg,
         VIR_AUTOSTRINGLIST fwList = NULL;
 
         virFirmwareFreeList(cfg->firmwares, cfg->nfirmwares);
+        cfg->firmwares = NULL;
 
         if (qemuFirmwareFetchConfigs(&fwList, privileged) < 0)
             return -1;
-- 
2.7.4

--
Best regards,
Guoyi
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux