From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:53094) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZZS1m-0003aS-OG for qemu-devel@nongnu.org; Tue, 08 Sep 2015 19:10:15 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZZS1m-0003Wz-0W for qemu-devel@nongnu.org; Tue, 08 Sep 2015 19:10:14 -0400 Received: from mail-wi0-x236.google.com ([2a00:1450:400c:c05::236]:38911) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZZS1l-0003Wn-Qk for qemu-devel@nongnu.org; Tue, 08 Sep 2015 19:10:13 -0400 Received: by wiclk2 with SMTP id lk2so2009088wic.1 for ; Tue, 08 Sep 2015 16:10:13 -0700 (PDT) Sender: =?UTF-8?B?TWFyYy1BbmRyw6kgTHVyZWF1?= From: marcandre.lureau@redhat.com Date: Wed, 9 Sep 2015 01:09:55 +0200 Message-Id: <1441753806-14225-4-git-send-email-marcandre.lureau@redhat.com> In-Reply-To: <1441753806-14225-1-git-send-email-marcandre.lureau@redhat.com> References: <1441753806-14225-1-git-send-email-marcandre.lureau@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Subject: [Qemu-devel] [PATCH RFC 03/14] qemu-char: avoid potential double-free List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Cc: mukawa@igel.co.jp, =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , mst@redhat.com From: Marc-André Lureau If tcp_set_msgfds() is called several time with NULL fds, this could lead to double-free. Signed-off-by: Marc-André Lureau --- qemu-char.c | 1 + 1 file changed, 1 insertion(+) diff --git a/qemu-char.c b/qemu-char.c index d956f8d..bc37628 100644 --- a/qemu-char.c +++ b/qemu-char.c @@ -2713,6 +2713,7 @@ static int tcp_set_msgfds(CharDriverState *chr, int *fds, int num) /* clear old pending fd array */ if (s->write_msgfds) { g_free(s->write_msgfds); + s->write_msgfds = NULL; } if (num) { -- 2.4.3
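Review bot: the added `s->write_msgfds = NULL;` sits inside the `if (s->write_msgfds)` guard, and that guard is not needed because g_free() accepts NULL; the clearing step could be reduced to an unconditional `g_free(s->write_msgfds);` followed by `s->write_msgfds = NULL;`. The reallocation that follows is gated on `if (num)`, so the stale pointer survives when the function is called with num == 0, whereas the commit message describes the trigger as "NULL fds"; wording the message in terms of num would match the condition the code actually tests. The hunk does not show whether a length field kept alongside the array is reset on the num == 0 path; if it is only assigned inside `if (num)`, it should be cleared at the same point so that the pointer and the count cannot disagree.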