From: Alex Jia <ajia@xxxxxxxxxx> It's a NULL pointer deref issue, which leads to libvirtd crash. This patch directly use 'params[i].value.s' value instead of derefing a NULL pointer on memcpy. * how to reproduce? % virsh numatune <domain> --nodeset 0 % service libvirtd status * src/qemu/qemu_driver.c (qemuDomainSetNumaParameters): avoid a NULL pointer deref. RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=771562 Signed-off-by: Alex Jia <ajia@xxxxxxxxxx> --- src/qemu/qemu_driver.c | 6 ++---- 1 files changed, 2 insertions(+), 4 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 82bab67..1bd93f6 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -6721,14 +6721,12 @@ qemuDomainSetNumaParameters(virDomainPtr dom, } if (flags & VIR_DOMAIN_AFFECT_CONFIG) { - memcpy(oldnodemask, persistentDef->numatune.memory.nodemask, - VIR_DOMAIN_CPUMASK_LEN); + memcpy(oldnodemask, params[i].value.s, VIR_DOMAIN_CPUMASK_LEN); if (virDomainCpuSetParse(params[i].value.s, 0, persistentDef->numatune.memory.nodemask, VIR_DOMAIN_CPUMASK_LEN) < 0) { - memcpy(persistentDef->numatune.memory.nodemask, - oldnodemask, VIR_DOMAIN_CPUMASK_LEN); + memcpy(params[i].value.s, oldnodemask, VIR_DOMAIN_CPUMASK_LEN); ret = -1; continue; } -- 1.7.1 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list