[Qemu-devel] [PATCH] vnc: fix double free issues

Gerd Hoffmann posted 1 patch 7 years, 1 month ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/1487682332-29154-1-git-send-email-kraxel@redhat.com
Test checkpatch passed
Test docker passed
Test s390x passed
ui/vnc.c | 3 +++
1 file changed, 3 insertions(+)
[Qemu-devel] [PATCH] vnc: fix double free issues
Posted by Gerd Hoffmann 7 years, 1 month ago
Reported by Coverity: CID 1371242, 1371243, 1371244.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 ui/vnc.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ui/vnc.c b/ui/vnc.c
index 62e85ed..51f4b30 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -3181,6 +3181,7 @@ static void vnc_display_close(VncDisplay *vd)
     g_free(vd->lsock);
     g_free(vd->lsock_tag);
     vd->lsock = NULL;
+    vd->lsock_tag = NULL;
     vd->nlsock = 0;
 
     for (i = 0; i < vd->nlwebsock; i++) {
@@ -3192,6 +3193,7 @@ static void vnc_display_close(VncDisplay *vd)
     g_free(vd->lwebsock);
     g_free(vd->lwebsock_tag);
     vd->lwebsock = NULL;
+    vd->lwebsock_tag = NULL;
     vd->nlwebsock = 0;
 
     vd->auth = VNC_AUTH_INVALID;
@@ -3204,6 +3206,7 @@ static void vnc_display_close(VncDisplay *vd)
     vd->tlsaclname = NULL;
     if (vd->lock_key_sync) {
         qemu_remove_led_event_handler(vd->led);
+        vd->led = NULL;
     }
 }
 
-- 
1.8.3.1


Re: [Qemu-devel] [PATCH] vnc: fix double free issues
Posted by Marc-André Lureau 7 years, 1 month ago
On Tue, Feb 21, 2017 at 5:34 PM Gerd Hoffmann <kraxel@redhat.com> wrote:

> Reported by Coverity: CID 1371242, 1371243, 1371244.
>
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Cc: Peter Maydell <peter.maydell@linaro.org>
> Cc: Daniel P. Berrange <berrange@redhat.com>
> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
>


Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>


---
>  ui/vnc.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/ui/vnc.c b/ui/vnc.c
> index 62e85ed..51f4b30 100644
> --- a/ui/vnc.c
> +++ b/ui/vnc.c
> @@ -3181,6 +3181,7 @@ static void vnc_display_close(VncDisplay *vd)
>      g_free(vd->lsock);
>      g_free(vd->lsock_tag);
>      vd->lsock = NULL;
> +    vd->lsock_tag = NULL;
>      vd->nlsock = 0;
>
>      for (i = 0; i < vd->nlwebsock; i++) {
> @@ -3192,6 +3193,7 @@ static void vnc_display_close(VncDisplay *vd)
>      g_free(vd->lwebsock);
>      g_free(vd->lwebsock_tag);
>      vd->lwebsock = NULL;
> +    vd->lwebsock_tag = NULL;
>      vd->nlwebsock = 0;
>
>      vd->auth = VNC_AUTH_INVALID;
> @@ -3204,6 +3206,7 @@ static void vnc_display_close(VncDisplay *vd)
>      vd->tlsaclname = NULL;
>      if (vd->lock_key_sync) {
>          qemu_remove_led_event_handler(vd->led);
> +        vd->led = NULL;
>      }
>  }
>
> --
> 1.8.3.1
>
>
> --
Marc-André Lureau