]> xenbits.xensource.com Git - libvirt.git/commitdiff
projects / libvirt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ed839f9)
BZ1072677: Avoid freeing of 0 file descriptor
authorStefan Berger <stefanb@linux.vnet.ibm.com>
Mon, 10 Mar 2014 22:47:19 +0000 (18:47 -0400)
committerStefan Berger <stefanb@us.ibm.com>
Mon, 10 Mar 2014 22:47:19 +0000 (18:47 -0400)
Avoid the freeing of an array of zero file descriptors in case
of error. Initialize the array to -1 using memset.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
src/qemu/qemu_hotplug.c patch | blob | blame | history

diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index dd72a794e3af7fd8096968dd7a58404d6c65dd21..6ff2489d2f5ca291ae3b2b17fb142b5d57b35573 100644 (file)
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -874,9 +874,12 @@ int qemuDomainAttachNetDevice(virConnectPtr conn,
         tapfdSize = vhostfdSize = net->driver.virtio.queues;
         if (!tapfdSize)
             tapfdSize = vhostfdSize = 1;
-        if (VIR_ALLOC_N(tapfd, tapfdSize) < 0 ||
-            VIR_ALLOC_N(vhostfd, vhostfdSize) < 0)
+        if (VIR_ALLOC_N(tapfd, tapfdSize) < 0)
             goto cleanup;
+        memset(tapfd, -1, sizeof(*tapfd) * tapfdSize);
+        if (VIR_ALLOC_N(vhostfd, vhostfdSize) < 0)
+            goto cleanup;
+        memset(vhostfd, -1, sizeof(*vhostfd) * vhostfdSize);
         if (qemuNetworkIfaceConnect(vm->def, conn, driver, net,
                                     priv->qemuCaps, tapfd, &tapfdSize) < 0)
             goto cleanup;
@@ -885,8 +888,12 @@ int qemuDomainAttachNetDevice(virConnectPtr conn,
             goto cleanup;
     } else if (actualType == VIR_DOMAIN_NET_TYPE_DIRECT) {
         tapfdSize = vhostfdSize = 1;
-        if (VIR_ALLOC(tapfd) < 0 || VIR_ALLOC(vhostfd) < 0)
+        if (VIR_ALLOC(tapfd) < 0)
+            goto cleanup;
+        *tapfd = -1;
+        if (VIR_ALLOC(vhostfd) < 0)
             goto cleanup;
+        *vhostfd = -1;
         if ((tapfd[0] = qemuPhysIfaceConnect(vm->def, driver, net,
                                              priv->qemuCaps,
                                              VIR_NETDEV_VPORT_PROFILE_OP_CREATE)) < 0)
@@ -898,6 +905,7 @@ int qemuDomainAttachNetDevice(virConnectPtr conn,
         vhostfdSize = 1;
         if (VIR_ALLOC(vhostfd) < 0)
             goto cleanup;
+        *vhostfd = -1;
         if (qemuOpenVhostNet(vm->def, net, priv->qemuCaps, vhostfd, &vhostfdSize) < 0)
             goto cleanup;
     }
Unnamed repository; edit this file 'description' to name the repository.