[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCH] domain_conf: fix possible memory leak



Until now, it was possible to crash libvirtd when defining domain with
channel device with missing source element.

When creating new virDomainChrDef, target.port is set to -1, but
unfortunately it is an union with addresses that virDomainChrDefFree
tries to free in case the deviceType is channel. Having the port set
to -1 is intended, however the cleanest way to get around the problems
with the crash seems to be renumbering the VIR_DOMAIN_CHR_CHANNEL_
target types to cover new NONE type (with value 0) being the default
(no target type yet).
---
 src/conf/domain_conf.c |    1 +
 src/conf/domain_conf.h |    3 ++-
 2 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 7bd61a5..41f22d2 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -307,6 +307,7 @@ VIR_ENUM_IMPL(virDomainNetInterfaceLinkState, VIR_DOMAIN_NET_INTERFACE_LINK_STAT

 VIR_ENUM_IMPL(virDomainChrChannelTarget,
               VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_LAST,
+              "none",
               "guestfwd",
               "virtio")

diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index d627ad8..531176c 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -855,7 +855,8 @@ enum virDomainChrDeviceType {
 };

 enum virDomainChrChannelTargetType {
-    VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_GUESTFWD = 0,
+    VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_NONE = 0,
+    VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_GUESTFWD,
     VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_VIRTIO,

     VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_LAST,
-- 
1.7.8.6


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]