qemu: Fix double free of returned JSON array in qemuAgentGetVCPUs()

CVE-2013-4153

A part of the returned monitor response was freed twice and caused
crashes of the daemon when using guest agent cpu count retrieval.

 # virsh vcpucount dom --guest

Introduced in v1.0.6-48-gc6afcb0

(cherry picked from commit dfc692350a04a70b4ca65667c30869b3bfdaf034)

diff --git a/src/qemu/qemu_agent.c b/src/qemu/qemu_agent.c
index 991452144340f8b6556e8a26197b3f86042722c1..d6be677d40df1b819792689f2bc1aa5fcb846cb3 100644 (file)
--- a/src/qemu/qemu_agent.c
+++ b/src/qemu/qemu_agent.c
@@ -1538,7 +1538,6 @@ qemuAgentGetVCPUs(qemuAgentPtr mon,
 cleanup:
     virJSONValueFree(cmd);
     virJSONValueFree(reply);
-    virJSONValueFree(data);
     return ret;
 }