If the code jump to the cleanup before assigning value to @xml
libvirtd may crash when it tries to free an uninitialized pointer.
backtrace:
0 0x00007ffff428d59c in free () from /lib64/libc.so.6
1 0x00007ffff721314a in virFree (ptrptr=ptrptr@entry=0x7fffc67f1b00) at util/viralloc.c:582
2 0x00007ffff7345ac4 in virDomainConfNWFilterInstantiate (vmname=<optimized out>,
vmuuid=vmuuid@entry=0x7fffc0181ca8 "߉\237\\۔H\262\206z\340\302f\265\233z", net=<optimized out>,
ignoreExists=ignoreExists@entry=true) at conf/domain_nwfilter.c:122
3 0x00007fffca5a77f6 in qemuProcessFiltersInstantiate (ignoreExists=true, def=0x7fffc0181ca0) at qemu/qemu_process.c:3028
4 qemuProcessReconnect (opaque=<optimized out>) at qemu/qemu_process.c:7653
5 0x00007ffff72c4895 in virThreadHelper (data=<optimized out>) at util/virthread.c:206
6 0x00007ffff45dcdd5 in start_thread () from /lib64/libpthread.so.0
7 0x00007ffff4305ead in clone () from /lib64/libc.so.6
Signed-off-by: Luyao Huang <lhuang@redhat.com>
virConnectPtr conn = virGetConnectNWFilter();
virNWFilterBindingDefPtr def = NULL;
virNWFilterBindingPtr binding = NULL;
- char *xml;
+ char *xml = NULL;
int ret = -1;
VIR_DEBUG("vmname=%s portdev=%s filter=%s ignoreExists=%d",
projects / thirdparty / libvirt.git / commitdiff
