From nobody Sun Feb 8 09:11:35 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1533090473414506.03741367864575; Tue, 31 Jul 2018 19:27:53 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id DAEBB83F51; Wed, 1 Aug 2018 02:27:50 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 9B248424E; Wed, 1 Aug 2018 02:27:50 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 399664A460; Wed, 1 Aug 2018 02:27:50 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx12.intmail.prod.int.phx2.redhat.com [10.5.11.27]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w712RmVG022507 for ; Tue, 31 Jul 2018 22:27:48 -0400 Received: by smtp.corp.redhat.com (Postfix) id 9965E9EA8A; Wed, 1 Aug 2018 02:27:48 +0000 (UTC) Received: from mx1.redhat.com (ext-mx10.extmail.prod.ext.phx2.redhat.com [10.5.110.39]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 91AC79EAA3 for ; Wed, 1 Aug 2018 02:27:46 +0000 (UTC) Received: from mail-qt0-f179.google.com (mail-qt0-f179.google.com [209.85.216.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6CE615F7AB for ; Wed, 1 Aug 2018 02:27:43 +0000 (UTC) Received: by mail-qt0-f179.google.com with SMTP id c15-v6so18324496qtp.0 for ; Tue, 31 Jul 2018 19:27:43 -0700 (PDT) Received: from bebop.8.8.8.8 ([2804:7f5:d180:bc6a:c749:4636:5580:4df6]) by smtp.gmail.com with ESMTPSA id r13-v6sm10204112qke.21.2018.07.31.19.27.40 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 31 Jul 2018 19:27:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=2WAMQ+V4EtbUtwJ1TNi4rwjthap3P0fJzWSEMnLkSoc=; b=lj1BRlLop2B54v5qo5pVB7EngK+mnLD4kn+VnHoOv4/xBilRcedmrN6dVWPD+/91Ug kyJCakN7q/3JhWGNG9yDa2hxlt2ZOXYrVNvvFF6PgBBXkhDr4LhuXMH2lSl3xfT06xuB WSG3imfScjyLtZIcQ/mnm9W17yBSPBn+ETSLs2uSf1ZSGx2MtB6K7u1U13CVwgU7EJWw wPxXbw2CL85UXNLug9cxgsKfob74hjnaMqrAcwCYS/YiUph9grLQV7zoqLOB2sW7HqKg L0LSPl/50Qu/9kdwc2K38pbmnPUPUsbi5ztUFt+G0h0aiRTjl/J65o1yFi4HT5KL0nX3 Q5KQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=2WAMQ+V4EtbUtwJ1TNi4rwjthap3P0fJzWSEMnLkSoc=; b=il+2i7LfS6lMx2GuxQDkSEK++kLOE7QALBJHgKfsfQP8v/gDgJCmZQuYRsYo7CokM4 DD49cqAcGYSkeCIdI7erUWWYZTevdHFtnf6VVdclsi11yeXs/30Sfj9SJXD06QS4QqEU oh+UdVfbJJ8umyV4A+/u/hAlFgYK/rPdl/HF5xk+GMApeKqhQVs8I7X05y672Usj9QJG nAYo4H4YYrrSpwgqggXGw5yCtv+o1G/UifDx6IEKpb9RKEnVPjS/4NlAz9005r3mX5mF I1mNqEm/Zct25vt1nHwmflzzy/1LVTMa1Y6yFVH7vlGyfnwQ6WbAvJpapwbhGwLZEG6u 3PNA== X-Gm-Message-State: AOUpUlECYr7lT4m7Ozqau7RzNJqy8S76Mc5UsVIL9ZBTeu9URakxNna6 HzM10foTs7WsH7rgA4Y0hnZAEZPo X-Google-Smtp-Source: AAOMgpcyNCy9rbPPicrum4jDojIfSK+7kfl/IGKVsR1LuHb3NnnKIw1u96LhE0UJwewvvV1MRKebrw== X-Received: by 2002:ac8:2e58:: with SMTP id s24-v6mr22240747qta.201.1533090462233; Tue, 31 Jul 2018 19:27:42 -0700 (PDT) From: Marcos Paulo de Souza To: libvir-list@redhat.com Date: Tue, 31 Jul 2018 23:27:10 -0300 Message-Id: <20180801022711.23475-2-marcos.souza.org@gmail.com> In-Reply-To: <20180801022711.23475-1-marcos.souza.org@gmail.com> References: <20180801022711.23475-1-marcos.souza.org@gmail.com> X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Wed, 01 Aug 2018 02:27:43 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Wed, 01 Aug 2018 02:27:43 +0000 (UTC) for IP:'209.85.216.179' DOMAIN:'mail-qt0-f179.google.com' HELO:'mail-qt0-f179.google.com' FROM:'marcos.souza.org@gmail.com' RCPT:'' X-RedHat-Spam-Score: -0.11 (DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, SPF_PASS) 209.85.216.179 mail-qt0-f179.google.com 209.85.216.179 mail-qt0-f179.google.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.39 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.27 X-loop: libvir-list@redhat.com Cc: Marcos Paulo de Souza Subject: [libvirt] [PATCH 1/2] esx: Do not crash SetAutoStart by double free X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Wed, 01 Aug 2018 02:27:51 +0000 (UTC) X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" SetAutoStart method cannot free virtualMachine using esxVI_ObjectContent_Free, since: esxVI_HostAutoStartManagerConfig_Free -> esxVI_AutoStartPowerInfo_Free -> esxVI_ManagedObjectReference_Free(item->key); item->key, in this context, is virtualMachine->obj, so calling esxVI_ObjectContent_Free creates a double free, becasuse esxVI_ObjectContent_Free also calls esxVI_ManagedObjectReference_Free(&item= ->obj). Removing the esxVI_ObjectContent_Free from SetAutoStart fixes this problem. Signed-off-by: Marcos Paulo de Souza --- src/esx/esx_driver.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c index cee98ebcaf..3835e4cb3c 100644 --- a/src/esx/esx_driver.c +++ b/src/esx/esx_driver.c @@ -3421,7 +3421,9 @@ esxDomainSetAutostart(virDomainPtr domain, int autost= art) newPowerInfo->stopAction =3D NULL; } =20 - esxVI_ObjectContent_Free(&virtualMachine); + /* HostAutoStartManagerConfig free method will call autoStartPowerInfo= Free + * in order to free virtualMachine, since newPowerInfo-> key points to + * virtualMachine */ esxVI_HostAutoStartManagerConfig_Free(&spec); esxVI_AutoStartDefaults_Free(&defaults); esxVI_AutoStartPowerInfo_Free(&powerInfoList); --=20 2.17.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sun Feb 8 09:11:35 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 153309049879997.63815215092916; Tue, 31 Jul 2018 19:28:18 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 88F1B859FF; Wed, 1 Aug 2018 02:28:16 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 2DB29600C7; Wed, 1 Aug 2018 02:28:16 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id C1BF44BB78; Wed, 1 Aug 2018 02:28:15 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w712Rp7a022519 for ; Tue, 31 Jul 2018 22:27:51 -0400 Received: by smtp.corp.redhat.com (Postfix) id 525D3183D6; Wed, 1 Aug 2018 02:27:51 +0000 (UTC) Received: from mx1.redhat.com (ext-mx13.extmail.prod.ext.phx2.redhat.com [10.5.110.42]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 4941116909 for ; Wed, 1 Aug 2018 02:27:49 +0000 (UTC) Received: from mail-qt0-f196.google.com (mail-qt0-f196.google.com [209.85.216.196]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C7FBF3082133 for ; Wed, 1 Aug 2018 02:27:48 +0000 (UTC) Received: by mail-qt0-f196.google.com with SMTP id b15-v6so18298502qtp.11 for ; Tue, 31 Jul 2018 19:27:48 -0700 (PDT) Received: from bebop.8.8.8.8 ([2804:7f5:d180:bc6a:c749:4636:5580:4df6]) by smtp.gmail.com with ESMTPSA id r13-v6sm10204112qke.21.2018.07.31.19.27.45 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 31 Jul 2018 19:27:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=o4MZUl3EDp3w+4AB7ySlgouiSXrluEoTtjSovabjNX4=; b=BG1GwyK7agSBQuQNV6fo5bjgRCWvu18ynENsx/nqfg87cRC0lRR+rOzG6BBuFcLc0r NdfWYikxaNqwGDF3qmUij3PdmTg6ThCkBYhcXpn5kVxYM9qLma03EaYrmUiboWhvksvp cO8QIAUSyrSNdBZPfxcqwAqKrnPWe+XblBiObgBMRW2qSvRo3E1QlPDo2oe7CZpu2rh0 W0waPxZzfsaBHKQhqI4muBoR1tfdEO9y3Pu9eeENQIv7YFq6oSZejGzdPY0sDx3nbSMf 8Jw8ipFb41iFoJeeeYa1fQz9/AUh54wMXsDytl35hgLTI5K/IL25d31JiTYiLoQzUK18 tB7A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=o4MZUl3EDp3w+4AB7ySlgouiSXrluEoTtjSovabjNX4=; b=bODfTyOpFwtgl6tLR80VB3hmAPOfH3IbRfu8xeKww6SW4HfsFzbysxl/kOy8VLq6zH sifsnqarJQSoJo7/LRotSsgmGPweAPJmeqFntp0b3r1NdARwGIZGCM8bWbu6C7iwmPCf f9xQjjfJ9J0VfM57rY7nksEZOeITAkUKgcEIyigyMj4sX67lbHr+AhaIUnXVmdz++V+6 rLxUOgLGRYUtaZ+KR2354DuS4nAWfLJG6E7+y8e/GUv2CGafJ3Nto45LXJHMfGQMM4Zm gEMMIbrcjpfDnq9YaGTOQFXvRn5KUCgwKNY8D7CZtYEHK+h3HSXtRjMcHnHuXd5N6JnR XZuQ== X-Gm-Message-State: AOUpUlG7NB2vKyF/PrdndodFvVyP/m8GLO1qUIDcm9qVofwJGy1P2Vl5 U5AGopJ3daaaovC5SIxfER9SX95t X-Google-Smtp-Source: AAOMgpcnUrHEEAmuMoFtEe//HS/MiBbEOpanOdsz9j9CZmuxLVJFCDUzWjXdEe+vxEZgk84Hs39XbA== X-Received: by 2002:ac8:6745:: with SMTP id n5-v6mr23273444qtp.143.1533090467582; Tue, 31 Jul 2018 19:27:47 -0700 (PDT) From: Marcos Paulo de Souza To: libvir-list@redhat.com Date: Tue, 31 Jul 2018 23:27:11 -0300 Message-Id: <20180801022711.23475-3-marcos.souza.org@gmail.com> In-Reply-To: <20180801022711.23475-1-marcos.souza.org@gmail.com> References: <20180801022711.23475-1-marcos.souza.org@gmail.com> X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.42]); Wed, 01 Aug 2018 02:27:48 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.42]); Wed, 01 Aug 2018 02:27:48 +0000 (UTC) for IP:'209.85.216.196' DOMAIN:'mail-qt0-f196.google.com' HELO:'mail-qt0-f196.google.com' FROM:'marcos.souza.org@gmail.com' RCPT:'' X-RedHat-Spam-Score: -0.13 (DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_PASS) 209.85.216.196 mail-qt0-f196.google.com 209.85.216.196 mail-qt0-f196.google.com X-Scanned-By: MIMEDefang 2.84 on 10.5.110.42 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com Cc: Marcos Paulo de Souza Subject: [libvirt] [PATCH 2/2] esx: Fix SetAutoStart invalid pointer free X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Wed, 01 Aug 2018 02:28:17 +0000 (UTC) X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" esxVI_AutoStartPowerInfo_Free, which is called from esxVI_HostAutoStartManagerConfig_Free, will always call VIR_FREE to free memory from {start,stop}Action, leading to a invalid pointer. With this patch applied, ESX can set autostart successfully to all it's domains. Signed-off-by: Marcos Paulo de Souza --- src/esx/esx_driver.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c index 3835e4cb3c..a49862a1de 100644 --- a/src/esx/esx_driver.c +++ b/src/esx/esx_driver.c @@ -3386,7 +3386,9 @@ esxDomainSetAutostart(virDomainPtr domain, int autost= art) if (esxVI_AutoStartPowerInfo_Alloc(&newPowerInfo) < 0 || esxVI_Int_Alloc(&newPowerInfo->startOrder) < 0 || esxVI_Int_Alloc(&newPowerInfo->startDelay) < 0 || - esxVI_Int_Alloc(&newPowerInfo->stopDelay) < 0) { + esxVI_Int_Alloc(&newPowerInfo->stopDelay) < 0 || + VIR_ALLOC_N(newPowerInfo->startAction, 8) < 0 || + VIR_ALLOC_N(newPowerInfo->stopAction, 5) < 0) { goto cleanup; } =20 @@ -3394,9 +3396,9 @@ esxDomainSetAutostart(virDomainPtr domain, int autost= art) newPowerInfo->startOrder->value =3D -1; /* no specific start order */ newPowerInfo->startDelay->value =3D -1; /* use system default */ newPowerInfo->waitForHeartbeat =3D esxVI_AutoStartWaitHeartbeatSetting= _SystemDefault; - newPowerInfo->startAction =3D autostart ? (char *)"powerOn" : (char *)= "none"; + strcpy(newPowerInfo->startAction, autostart ? (char *)"powerOn" : (cha= r *)"none"); newPowerInfo->stopDelay->value =3D -1; /* use system default */ - newPowerInfo->stopAction =3D (char *)"none"; + strcpy(newPowerInfo->stopAction, (char *)"none"); =20 if (esxVI_AutoStartPowerInfo_AppendToList(&spec->powerInfo, newPowerInfo) < 0) { --=20 2.17.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list