libxl: Fix libvirtd crash on domain restore

[PATCH] libxl: Fix libvirtd crash on domain restore

Jim Fehlig posted 1 patch 2 years, 2 months ago

Download mbox

Test syntax-check failed

Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/20220217185601.12531-1-jfehlig@suse.com

src/libxl/libxl_domain.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

Expand all Fold all

[PATCH] libxl: Fix libvirtd crash on domain restore

Posted by Jim Fehlig 2 years, 2 months ago

Commit cc2a3c2a94 missed one case in the libxl driver where virDomainDef
is returned from libxlDomainSaveImageOpen and a g_steal_pointer is needed.
Without it, the virDomainDef object is freed and the driver crashes later
in the restore process when accessing the object.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
---
 src/libxl/libxl_domain.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/libxl/libxl_domain.c b/src/libxl/libxl_domain.c
index c91e531a9a..ee031267ca 100644
--- a/src/libxl/libxl_domain.c
+++ b/src/libxl/libxl_domain.c
@@ -811,7 +811,7 @@ libxlDomainSaveImageOpen(libxlDriverPrivate *driver,
                                         VIR_DOMAIN_DEF_PARSE_SKIP_VALIDATE)))
         goto error;
 
-    *ret_def = def;
+    *ret_def = g_steal_pointer(&def);
     *ret_hdr = hdr;
 
     return fd;
-- 
2.35.1

Re: [PATCH] libxl: Fix libvirtd crash on domain restore

Posted by Ján Tomko 2 years, 2 months ago

On a Thursday in 2022, Jim Fehlig wrote:
>Commit cc2a3c2a94 missed one case in the libxl driver where virDomainDef
>is returned from libxlDomainSaveImageOpen and a g_steal_pointer is needed.
>Without it, the virDomainDef object is freed and the driver crashes later
>in the restore process when accessing the object.
>
>Signed-off-by: Jim Fehlig <jfehlig@suse.com>
>---
> src/libxl/libxl_domain.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>

Reviewed-by: Ján Tomko <jtomko@redhat.com>

Jano