packages/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
qemu/bugfix-pointer-double-free-in-func-qemu_savevm_state.patch
yezengruan bb777b4dce Qemu update to version 6.2.0-45 
numa: Enable numa for SGX EPC sections
target/ppc: enhance error handling in kvmppc_read_int*
fix pointer double free in func qemu_savevm_state_complete_precopy_non_iterable

Signed-off-by: yezengruan <yezengruan@huawei.com>
2022-08-11 19:19:20 +08:00

39 lines
1.4 KiB
Diff
Raw Blame History

From 48ff0d29c594ccfa80a3d58c97bdb7e656c8f541 Mon Sep 17 00:00:00 2001
From: jiangdongxu <jiangdongxu1@huawei.com>
Date: Mon, 20 Jun 2022 17:19:44 +0800
Subject: [PATCH 9/9] bugfix: pointer double free in func
qemu_savevm_state_complete_precopy_non_iterable
vmdesc defined in qemu_savevm_state_complete_precopy_non_iterable is a g_autoptr,
it will be auto freed when function return. thus when we call json_writer_free
before function return to free vmdesc, it will be double freed. fix it.
Signed-off-by: jiangdongxu <jiangdongxu1@huawei.com>
---
migration/savevm.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/migration/savevm.c b/migration/savevm.c
index 803cd9004d..d59e976d50 100644
--- a/migration/savevm.c
+++ b/migration/savevm.c
@@ -1427,7 +1427,6 @@ int qemu_savevm_state_complete_precopy_non_iterable(QEMUFile *f,
ret = vmstate_save(f, se, vmdesc);
if (ret) {
qemu_file_set_error(f, ret);
- json_writer_free(vmdesc);
return ret;
}
trace_savevm_section_end(se->idstr, se->section_id, 0);
@@ -1444,7 +1443,6 @@ int qemu_savevm_state_complete_precopy_non_iterable(QEMUFile *f,
error_report("%s: bdrv_inactivate_all() failed (%d)",
__func__, ret);
qemu_file_set_error(f, ret);
- json_writer_free(vmdesc);
return ret;
}
}
--
2.27.0
Reference in New Issue View Git Blame Copy Permalink