[libvirt] Potential segfault in udev driver
Daniel P. Berrange
berrange at redhat.com
Mon Jan 25 11:37:36 UTC 2010
On Sun, Jan 24, 2010 at 11:07:59PM +0100, Matthias Bolte wrote:
> udevDeviceMonitorStartup registers udevEventHandleCallback as event
> handle, but doesn't store the returned watch id to remove it later on.
> Also it's not clear to me whether the event handle should be register
> for the whole lifetime of the udev driver instance or just for the
> udevEnumerateDevices call.
The handler should be active for the lifetime of libvirtd, since the
udev driver has to detect hotplug/unplug events over time.
>
> If for example the call to udevSetupSystemDev [1] fails
> udevDeviceMonitorShutdown is called to cleanup, but
> udevEventHandleCallback is still registered and may be called when
> driverState is NULL again, resulting in a segfault in
> udevEventHandleCallback.
>
> So to solve this the udevEventHandleCallback event handle must be
> removed at the appropriate place.
Yes, sounds like its needs to be removed in the failure path there
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
More information about the libvir-list
mailing list