[libvirt] [PATCH] Fix cd eject segfault
Cole Robinson
crobinso at redhat.com
Sat Aug 23 01:45:32 UTC 2008
Daniel P. Berrange wrote:
> On Thu, Aug 21, 2008 at 11:20:28PM -0400, Cole Robinson wrote:
>
>> The cdrom eject code was trying to dereference the
>> NULL source of an empty cdrom. Attached patch fixes
>> this.
>> @@ -2972,6 +2973,13 @@ static int qemudDomainChangeCDROM(virDomainPtr dom,
>> }
>> VIR_FREE(safe_path);
>>
>> + newsrc = strdup(newdisk->src);
>> + if (!newsrc) {
>> + qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
>> + "%s", _("out of memory"));
>> + return -1;
>> + }
>>
>
> Rather than dup'ing the string here and having to deal with OOM...
>
>
>> +
>> } else if (asprintf(&cmd, "eject cdrom") == -1) {
>> qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
>> "%s", _("out of memory"));
>> @@ -2982,11 +2990,17 @@ static int qemudDomainChangeCDROM(virDomainPtr dom,
>> qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
>> "%s", _("cannot change cdrom media"));
>> VIR_FREE(cmd);
>> + VIR_FREE(newsrc);
>> return -1;
>> }
>> VIR_FREE(reply);
>> VIR_FREE(cmd);
>> - strcpy(olddisk->src, newdisk->src);
>> +
>> + VIR_FREE(olddisk->src);
>> + if (newsrc) {
>> + olddisk->src = newsrc;
>> + newsrc = NULL;
>> + }
>>
>
> Just do
>
> VIR_FREE(olddisk->src);
> olddisk->src = newdisk->src;
> newdisk->src = NULL;
>
> Daniel
>
Whoops, yeah. I certainly over complicated that.
Updated patch attached.
Thanks,
Cole
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: libvirt-cd-eject-segfault-02-patch
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20080822/2fd49cca/attachment-0001.ksh>
More information about the libvir-list
mailing list