[libvirt] [PATCH] test: Avoid use-after-free on virDomainSnapshotDelete
Eric Blake
eblake at redhat.com
Sun Mar 17 04:27:51 UTC 2019
On 3/16/19 11:13 PM, Eric Blake wrote:
> The following virsh command was triggering a use-after-free:
>
> $ virsh -c test:///default '
> snapshot-create-as test s1
> snapshot-create-as test s2
> snapshot-delete --children-only test s1
> snapshot-current --name test'
> Domain snapshot s1 created
> Domain snapshot s2 created
> Domain snapshot s1 children deleted
>
> error: name in virGetDomainSnapshot must not be NULL
>
> @@ -6508,8 +6508,6 @@ testDomainSnapshotDelete(virDomainSnapshotPtr snapshot,
> testDomainSnapshotDiscardAll,
> &rem);
> if (rem.current) {
> - if (flags & VIR_DOMAIN_SNAPSHOT_DELETE_CHILDREN_ONLY)
> - snap->def->current = true;
> vm->current_snapshot = snap;
> }
I need to let 'make syntax-check' finish running first. Here, I also
need to drop the now-spurious {}.
> } else if (snap->nchildren) {
> @@ -6542,8 +6540,6 @@ testDomainSnapshotDelete(virDomainSnapshotPtr snapshot,
> if (!parentsnap) {
> VIR_WARN("missing parent snapshot matching name '%s'",
> snap->def->parent);
> - } else {
> - parentsnap->def->current = true;
> }
> }
and again
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization: qemu.org | libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20190316/ea0665b1/attachment-0001.sig>
More information about the libvir-list
mailing list