[Qemu-devel] [PULL v2 28/51] qemu-char: avoid potential double-free
From: Michael S. Tsirkin
Subject: [Qemu-devel] [PULL v2 28/51] qemu-char: avoid potential double-free
Date: Tue, 15 Mar 2016 17:01:52 +0200
From: Marc-André Lureau <address@hidden>
If tcp_set_msgfds() is called several times with NULL fds, this
could lead to a double-free.
Signed-off-by: Marc-André Lureau <address@hidden>
Reviewed-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>
---
qemu-char.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/qemu-char.c b/qemu-char.c
index e0147f3..fc4611d 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -2697,6 +2697,7 @@ static int tcp_set_msgfds(CharDriverState *chr, int *fds,
int num)
}
/* clear old pending fd array */
g_free(s->write_msgfds);
+ s->write_msgfds = NULL;
if (num) {
s->write_msgfds = g_new(int, num);
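Review bot: The commit message gives the trigger as repeated calls with NULL fds, but in this hunk the reallocation is guarded by `if (num)`, not by `fds`, so the stale pointer left behind by `g_free(s->write_msgfds)` survives whenever num is 0. The message should state that condition, since it is what a reader will look for when auditing callers. The added `s->write_msgfds = NULL;` is the right fix: a later call then passes NULL to g_free(), which is a no-op. The hunk does not show whether the rest of the function also resets any stored count on the num == 0 path; that is worth confirming so the pointer and its length cannot disagree.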
--
MST