From cafcec2f5b0c9ff1dc573d798933ae453a15fa29 Mon Sep 17 00:00:00 2001
From: Peter Krempa
Date: Tue, 16 Jul 2013 15:39:06 +0200
Subject: [PATCH] qemu: Fix double free of returned JSON array in qemuAgentGetVCPUs() CVE-2013-4153 A part of the returned monitor response was freed twice and caused crashes of the daemon when using guest agent cpu count retrieval. # virsh vcpucount dom --guest Introduced in v1.0.6-48-gc6afcb0 (cherry picked from commit dfc692350a04a70b4ca65667c30869b3bfdaf034)
---
 src/qemu/qemu_agent.c | 1 -
 1 file changed, 1 deletion(-)
diff --git a/src/qemu/qemu_agent.c b/src/qemu/qemu_agent.c
index 9914521443..d6be677d40 100644
--- a/src/qemu/qemu_agent.c
+++ b/src/qemu/qemu_agent.c
@@ -1538,7 +1538,6 @@ qemuAgentGetVCPUs(qemuAgentPtr mon,
 cleanup:
 virJSONValueFree(cmd);
 virJSONValueFree(reply);
- virJSONValueFree(data);
 return ret;
 }
--
2.47.3
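Review bot: At the `cleanup:` label nothing records why `data` is not released alongside `cmd` and `reply`, so a later tidy-up could put the free back. The commit message says the freed value is part of the returned monitor response, so `data` is presumably a borrowed pointer into `reply`. A comment above `virJSONValueFree(reply);` such as `/* data points into reply and is released with it; do not free it separately */` would make that ownership explicit. The assignment of `data` lies outside this hunk, since the body of qemuAgentGetVCPUs starts before the visible lines, and the same ownership note would be useful there.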