On 09/11/13 16:00, Peter Krempa wrote:
^^^^^^^^^^^^
Guido, you should recofigure your git-send-email or other mailer so that
it sends patches in your name with a separate "From:" line in the body.
This now looks as if I've sent the mail which is not the case.
Peter
> This patch resolves CVE-2013-0170:
> https://bugzilla.redhat.com/show_bug.cgi?id=893450
>
> When reading and dispatching of a message failed the message was freed
> but wasn't removed from the message queue.
>
> After that when the connection was about to be closed the pointer for
> the message was still present in the queue and it was passed to
> virNetMessageFree which tried to call the callback function from an
> uninitialized pointer.
>
> This patch removes the message from the queue before it's freed.
>
> * rpc/virnetserverclient.c: virNetServerClientDispatchRead:
> - avoid use after free of RPC messages
>
> (cherry picked from commit 46532e3e8ed5f5a736a02f67d6c805492f9ca720)
> ---
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list