From: "Daniel P. Berrange" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: Amit Shah <amit.shah@redhat.com>,
	"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
	Juan Quintela <quintela@redhat.com>
Subject: [Qemu-devel] [PATCH v5 02/28] io: avoid double-free when closing QIOChannelBuffer
Date: Fri, 18 Mar 2016 14:30:37 +0000
Message-ID: <1458311463-28272-3-git-send-email-berrange@redhat.com>
In-Reply-To: <1458311463-28272-1-git-send-email-berrange@redhat.com>

The QIOChannelBuffer's close implementation will free
the internal data buffer. It failed to reset the pointer
to NULL though, so when the object is later finalized
it will free it a second time with a predictable crash.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
 io/channel-buffer.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/io/channel-buffer.c b/io/channel-buffer.c
index 3e5117b..43d7959 100644
--- a/io/channel-buffer.c
+++ b/io/channel-buffer.c
@@ -140,6 +140,7 @@ static int qio_channel_buffer_close(QIOChannel *ioc,
     QIOChannelBuffer *bioc = QIO_CHANNEL_BUFFER(ioc);
 
     g_free(bioc->data);
+    bioc->data = NULL;
     bioc->capacity = bioc->usage = bioc->offset = 0;
 
     return 0;
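
Review bot: The free and the pointer reset in qio_channel_buffer_close() are still two separate statements (`g_free(bioc->data);` followed by `bioc->data = NULL;`), so a later edit can separate them and bring the double free back; where the project's minimum GLib version allows it, `g_clear_pointer(&bioc->data, g_free);` does both in one step. The commit message describes a crash on close followed by finalize, and nothing in this patch exercises that sequence, so a regression test that closes a QIOChannelBuffer and then drops its last reference would be worth adding alongside the fix. The reset itself is sound, since g_free() on a NULL pointer is a no-op.
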
-- 
2.5.0
