qemu_conf: Fix double free problem for cfg->firmwares

cfg->firmwares still points to the original memory address after being
freed by virFirmwareFreeList(). As cfg get freed, it will be freed again
even if cfg->nfirmwares=0 which eventually lead to crash.

The patch fix it by setting cfg->firmwares to NULL explicitly after
virFirmwareFreeList() returns

Signed-off-by: Guoyi Tu<tu.guoyi@h3c.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>

diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index d6615ca0dd2903129ab8dfeb571e42ed6c75aa58..cbdde0c0dcd26e3d65a62f6851a164287554c93a 100644 (file)
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -834,6 +834,7 @@ virQEMUDriverConfigLoadNVRAMEntry(virQEMUDriverConfigPtr cfg,
         VIR_AUTOSTRINGLIST fwList = NULL;
 
         virFirmwareFreeList(cfg->firmwares, cfg->nfirmwares);
+        cfg->firmwares = NULL;
 
         if (qemuFirmwareFetchConfigs(&fwList, privileged) < 0)
             return -1;