Commit-ID: 564123c893e629a531e51fbca4903441ec529b03
Gitweb: http://git.kernel.org/tip/564123c893e629a531e51fbca4903441ec529b03
Author: Pekka Enberg <penberg@xxxxxxxxxx>
AuthorDate: Sat, 4 Feb 2012 10:32:41 +0200
Committer: Pekka Enberg <penberg@xxxxxxxxxx>
CommitDate: Sat, 4 Feb 2012 10:32:41 +0200
kvm tools: Fix another use-after-free in shutdown sequence
Valgrind spotted another issue:
==2343== Invalid read of size 8
==2343== at 0x408EAD: kvm__pause (kvm.c:529)
==2343== by 0x407E07: ioport__unregister (ioport.c:100)
==2343== by 0x409537: pci__exit (pci.c:210)
==2343== by 0x406303: kvm_cmd_run (builtin-run.c:1314)
==2343== by 0x410670: handle_command (kvm-cmd.c:84)
==2343== by 0x3DE682139C: (below main) (in /lib64/libc-2.14.so)
==2343== Address 0x4c30ca0 is 0 bytes inside a block of size 520 free'd
==2343== at 0x4A055FE: free (vg_replace_malloc.c:366)
==2343== by 0x406293: kvm_cmd_run (builtin-run.c:1292)
==2343== by 0x410670: handle_command (kvm-cmd.c:84)
==2343== by 0x3DE682139C: (below main) (in /lib64/libc-2.14.so)
Signed-off-by: Pekka Enberg <penberg@xxxxxxxxxx>
---
tools/kvm/builtin-run.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/tools/kvm/builtin-run.c b/tools/kvm/builtin-run.c
index 71edf5f4..a3fa444 100644
--- a/tools/kvm/builtin-run.c
+++ b/tools/kvm/builtin-run.c
@@ -1289,7 +1289,6 @@ static void kvm_cmd_run_exit(int guest_ret)
r = disk_image__close_all(kvm->disks, image_count);
if (r < 0)
pr_warning("disk_image__close_all() failed with error %d\n", r);
- free(kvm_cpus);
r = serial8250__exit(kvm);
if (r < 0)
@@ -1319,6 +1318,8 @@ static void kvm_cmd_run_exit(int guest_ret)
if (r < 0)
pr_warning("pci__exit() failed with error %d\n", r);
+ free(kvm_cpus);
+
if (guest_ret == 0)
printf("\n # KVM session ended normally.\n");
}
--
To unsubscribe from this list: send the line "unsubscribe linux-tip-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
|