qemu-trivial
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] softmmu/qdev-monitor: fix use-after-free in qdev_set_id()


From: Kevin Wolf
Subject: Re: [PATCH] softmmu/qdev-monitor: fix use-after-free in qdev_set_id()
Date: Mon, 15 Nov 2021 15:48:30 +0100

Am 13.11.2021 um 09:14 hat Markus Armbruster geschrieben:
> Nominating for qemu-trivial.

I'm sending a pull request anyway, so I'm merging it.

Kevin

> Markus Armbruster <armbru@redhat.com> writes:
> 
> > Philippe Mathieu-Daudé <philmd@redhat.com> writes:
> >
> >> Cc'ing Markus
> >>
> >> On 11/2/21 17:33, Stefan Hajnoczi wrote:
> >>> Reported by Coverity (CID 1465222).
> >>> 
> >>> Fixes: 4a1d937796de0fecd8b22d7dbebf87f38e8282fd ("softmmu/qdev-monitor: 
> >>> add error handling in qdev_set_id")
> >>> Cc: Damien Hedde <damien.hedde@greensocs.com>
> >>> Cc: Kevin Wolf <kwolf@redhat.com>
> >>> Cc: Michael S. Tsirkin <mst@redhat.com>
> >>> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
> >>> ---
> >>>  softmmu/qdev-monitor.c | 2 +-
> >>>  1 file changed, 1 insertion(+), 1 deletion(-)
> >>> 
> >>> diff --git a/softmmu/qdev-monitor.c b/softmmu/qdev-monitor.c
> >>> index 4851de51a5..06f86a1a96 100644
> >>> --- a/softmmu/qdev-monitor.c
> >>> +++ b/softmmu/qdev-monitor.c
> >>> @@ -581,8 +581,8 @@ const char *qdev_set_id(DeviceState *dev, char *id, 
> >>> Error **errp)
> >>>          if (prop) {
> >>>              dev->id = id;
> >>>          } else {
> >>> -            g_free(id);
> >>>              error_setg(errp, "Duplicate device ID '%s'", id);
> >>> +            g_free(id);
> >>>              return NULL;
> >>>          }
> >>>      } else {
> >>> 
> >>
> >> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
> >> Reviewed-by: Damien Hedde <damien.hedde@greensocs.com>
> >
> > Reviewed-by: Markus Armbruster <armbru@redhat.com>
> 




reply via email to

[Prev in Thread] Current Thread [Next in Thread]