Re: [Qemu-stable] [Qemu-devel] [PATCH] slirp: Fix access to freed memory

qemu-stable

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-stable] [Qemu-devel] [PATCH] slirp: Fix access to freed memory

From:	Stefan Hajnoczi
Subject:	Re: [Qemu-stable] [Qemu-devel] [PATCH] slirp: Fix access to freed memory
Date:	Mon, 14 Nov 2016 16:28:10 +0000
User-agent:	Mutt/1.7.1 (2016-10-04)

On Mon, Nov 14, 2016 at 12:01:02AM +0100, Samuel Thibault wrote:
> if_start() goes through the slirp->if_fastq and slirp->if_batchq
> list of pending messages, and accesses ifm->ifq_so->so_nqueued of its
> elements if ifm->ifq_so != NULL.  When freeing a socket, we thus need
> to make sure that any pending message for this socket does not refer
> to the socket any more.
> 
> Signed-off-by: Samuel Thibault <address@hidden>
> Tested-by: Brian Candler <address@hidden>
> ---
>  slirp/socket.c | 17 +++++++++++++++++
>  1 file changed, 17 insertions(+)

Reviewed-by: Stefan Hajnoczi <address@hidden>

Please send a slirp pull request for QEMU 2.8-rc0 (deadline November
15th) or -rc1 (deadline November 22nd).

CCing qemu-stable.

Stefan

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-stable] [Qemu-devel] [PATCH] slirp: Fix access to freed memory, Stefan Hajnoczi <=

Prev by Date: Re: [Qemu-stable] [Qemu-block] [PATCH for-2.8] block: Let write zeroes fallback work even with small max_transfer
Next by Date: Re: [Qemu-stable] [Qemu-devel] [PATCH 0/4] block/curl: Fix FTP
Previous by thread: [Qemu-stable] [PULL v2 31/34] vhost: adapt vhost_verify_ring_mappings() to virtio 1 ring layout
Next by thread: Re: [Qemu-stable] [Qemu-devel] [PATCH 0/4] block/curl: Fix FTP
Index(es):
- Date
- Thread