git.ipfire.org Git - thirdparty/libvirt.git/commit

author	John Ferlan <jferlan@redhat.com>
	Tue, 5 Jun 2018 20:20:59 +0000 (16:20 -0400)
committer	John Ferlan <jferlan@redhat.com>
	Wed, 6 Jun 2018 12:20:27 +0000 (08:20 -0400)
commit	228ae70938d0cb85353e35f744fbc494de619481
tree	d0f57db33c417ad8789d9c3c4d01752d6dea8d23	tree \| snapshot
parent	7d34949b079e9975a8fca54e0d834f1c7d22f339	commit \| diff

qemu: Fix double free in qemuDomainSecretAESClear

Commit id 02b031a4 added a secondary path from which the
incoming @secinfo would not be free'd until the private
data was freed in qemuDomainStorageSourcePrivateDispose.

However, by doing this the original intention to free
@*secinfo afterwards is lost and thus the pass by value
of the secinfo->s.aes (or secinfo->s.plain for its method)
results in not keeping the NULL setting in the various
secret.{username|iv|ciphertext} fields upon return to
qemuDomainSecretInfoClear and eventually will result in
a double free at domain destroy:

    raise ()
    abort ()
    __libc_message ()
    malloc_printerr ()
    _int_free ()
    virFree
    qemuDomainSecretAESClear
    qemuDomainSecretInfoClear
    qemuDomainSecretInfoFree
    qemuDomainStorageSourcePrivateDispose
    virObjectUnref
    virStorageSourceClear
    virStorageSourceFree
    virDomainDiskDefFree
    virDomainDefFree
    virDomainObjRemoveTransientDef
    qemuProcessStop
    qemuDomainDestroyFlags
    virDomainDestroy

Signed-off-by: John Ferlan <jferlan@redhat.com>
ACKed-by: Peter Krempa <pkrempa@redhat.com>