[Qemu-devel] [PATCH v5 02/28] io: avoid double-free when closing QIOChan

From: Daniel P. Berrange
Subject: [Qemu-devel] [PATCH v5 02/28] io: avoid double-free when closing QIOChannelBuffer
Date: Fri, 18 Mar 2016 14:30:37 +0000

The QIOChannelBuffer's close implementation will free
the internal data buffer. It failed to reset the pointer
to NULL though, so when the object is later finalized
it will free it a second time with a predictable crash.

Signed-off-by: Daniel P. Berrange <address@hidden>
 io/channel-buffer.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/io/channel-buffer.c b/io/channel-buffer.c
index 3e5117b..43d7959 100644
--- a/io/channel-buffer.c
+++ b/io/channel-buffer.c
@@ -140,6 +140,7 @@ static int qio_channel_buffer_close(QIOChannel *ioc,
     QIOChannelBuffer *bioc = QIO_CHANNEL_BUFFER(ioc);
+    bioc->data = NULL;
     bioc->capacity = bioc->usage = bioc->offset = 0;
     return 0;
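
Review bot: the added `bioc->data = NULL;` in qio_channel_buffer_close() is a separate statement from the free the commit message describes, so a later edit can move or drop one without the other and bring the double-free back. Consider clearing the pointer in the same call that releases it, for example `g_clear_pointer(&bioc->data, g_free);`, which leaves the field NULL before the existing `bioc->capacity = bioc->usage = bioc->offset = 0;` line runs. The free itself is not among the lines shown here, so please confirm the NULL assignment sits immediately after it. A unit test that closes a QIOChannelBuffer and then drops the last reference would cover the close-then-finalize sequence the commit message describes.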
