On 7/4/24 11:52, Rayhan Faizel wrote:
> mem_nodes[i].ndistances is written outside the loop causing an out-of-bounds
> write leading to heap corruption.
>
> While we are at it, the entire cleanup portion can be removed as it can be
> handled in virDomainNumaFree. One instance of VIR_FREE is also removed and
> replaced with g_autofree.
>
> This patch also adds a testcase which would be picked up by ASAN, if this
> portion regresses.
>
> Fixes: 742494eed8dbdde8b1d05a306032334e6226beea
> Signed-off-by: Rayhan Faizel <rayhan.faizel@xxxxxxxxx>
> ---
> src/conf/numa_conf.c | 30 ++++++-------------
> ...ance-nonexistent-sibling.x86_64-latest.err | 1 +
> .../cpu-numa-distance-nonexistent-sibling.xml | 29 ++++++++++++++++++
> tests/qemuxmlconftest.c | 1 +
> 4 files changed, 40 insertions(+), 21 deletions(-)
> create mode 100644 tests/qemuxmlconfdata/cpu-numa-distance-nonexistent-sibling.x86_64-latest.err
> create mode 100644 tests/qemuxmlconfdata/cpu-numa-distance-nonexistent-sibling.xml

Reviewed-by: Michal Privoznik <mprivozn@xxxxxxxxxx>

Michal
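
The bug class named in the commit message, as an added illustration that is neither libvirt's code nor part of the patch: a field reset placed after a cleanup loop runs with the index equal to the element count. The struct, function names and canary value are hypothetical, and the in-loop fix shown is a different remedy from the patch, which removes the cleanup and relies on virDomainNumaFree.

```c
#include <stdio.h>
#include <stdlib.h>
/* Hypothetical stand-in for a per-node record; not libvirt's struct. */
struct node { int *distances; size_t ndistances; };
#define CANARY ((size_t)0xC0FFEE)  /* constructed marker value */

/* Assumed buggy shape: the reset runs once, after the loop, with i == n. */
static void cleanup_buggy(struct node *nodes, size_t n)
{
    size_t i;
    for (i = 0; i < n; i++) {
        free(nodes[i].distances);
        nodes[i].distances = NULL;
    }
    nodes[i].ndistances = 0;  /* one element past the n valid entries */
}

/* In-loop form: every write uses an index the loop condition has checked. */
static void cleanup_fixed(struct node *nodes, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        free(nodes[i].distances);
        nodes[i].distances = NULL;
        nodes[i].ndistances = 0;
    }
}

/* Runs a cleanup over n nodes backed by n + 1 slots; the spare slot is a canary
 * that exposes the stray write safely. Returns 1 if hit, 0 if not, -1 on OOM. */
static int canary_clobbered(void (*cleanup)(struct node *, size_t), size_t n)
{
    struct node *nodes = calloc(n + 1, sizeof(*nodes));
    if (!nodes) return -1;
    for (size_t i = 0; i < n; i++) {
        nodes[i].distances = calloc(n, sizeof(int));
        nodes[i].ndistances = n;
    }
    nodes[n].ndistances = CANARY;
    cleanup(nodes, n);
    int hit = nodes[n].ndistances != CANARY;
    free(nodes);
    return hit;
}

int main(void)
{
    printf("buggy=%d fixed=%d\n", canary_clobbered(cleanup_buggy, 4),
           canary_clobbered(cleanup_fixed, 4));
    return 0;
}
```

On an exactly sized heap array the same write lands past the end of the allocation, which ASAN reports as a heap-buffer-overflow.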