From: Michal Privoznik Date: Mon, 11 Nov 2024 13:40:32 +0000 (+0100) Subject: ch_monitor: Avoid possible double free in virCHMonitorClose() X-Git-Tag: v10.10.0-rc1~160 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f1f4cbb50a943da5f0b0451e0a32f57bdcd82319;p=thirdparty%2Flibvirt.git ch_monitor: Avoid possible double free in virCHMonitorClose() The virCHMonitorClose() is meant to be called when monitor to cloud-hypervisor process closes. It removes the socket and frees string containing path to the socket. In general, there is a problem with the following pattern: if (var) { do_something(); g_free(var); } because if the pattern executes twice the variable is freed twice. That's why we have VIR_FREE() macro. Well, replace plain g_free() with g_clear_pointer(). Mind you, this is NOT a destructor where clearing pointers is needless. Signed-off-by: Michal Privoznik Reviewed-by: Ján Tomko --- diff --git a/src/ch/ch_monitor.c b/src/ch/ch_monitor.c index ccd04cfbd1..18ca5a764e 100644 --- a/src/ch/ch_monitor.c +++ b/src/ch/ch_monitor.c @@ -626,7 +626,7 @@ void virCHMonitorClose(virCHMonitor *mon) VIR_WARN("Unable to remove CH socket file '%s'", mon->socketpath); } - g_free(mon->socketpath); + g_clear_pointer(&mon->socketpath, g_free); } virObjectUnref(mon);