From 786ffb3335f7094fc6a310e2d8441db215732b16 Mon Sep 17 00:00:00 2001 From: Eric Blake <eblake@redhat.com> Date: Tue, 31 Jul 2012 08:15:00 -0600 Subject: [PATCH] qemu: fix use after free To: libvir-list@redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=772848 (caused by fix for CVE-2012-2693, https://bugzilla.redhat.com/show_bug.cgi?id=816601) Detected by Coverity. * src/qemu/qemu_hotplug.c (qemuDomainAttachHostDevice): Avoid double free of usb on failure. (cherry picked from commit 665c8cdecc2d91a83f08a6ec95531b0de57c0e0a) Conflicts: src/qemu/qemu_hotplug.c - upstream split this out of qemu_driver.c Signed-off-by: Daniel Veillard <veillard@redhat.com> --- src/qemu/qemu_driver.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 14cb41d..c85c897 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -8364,6 +8364,7 @@ static int qemudDomainAttachHostDevice(struct qemud_driver *driver, if (usbDeviceListAdd(list, usb) < 0) { usbFreeDevice(usb); + usb = NULL; goto cleanup; } -- 1.7.7.6
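
Review bot: setting "usb = NULL;" after "usbFreeDevice(usb);" in the usbDeviceListAdd() failure branch only prevents the second free if the code at the cleanup label handles a NULL usb, and that label is outside the visible context of this hunk. Since the Conflicts note says the upstream change was made in src/qemu/qemu_hotplug.c and is applied here to qemudDomainAttachHostDevice in src/qemu/qemu_driver.c, please confirm that the cleanup path in this file either checks usb before freeing it or goes through a free function that accepts NULL. Separately, the subject line says "use after free" while the body describes a double free of usb; using one term throughout would make the backport easier to match against the Coverity report and the bug it references.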