git.karo-electronics.de Git - karo-tx-linux.git/commit

author	Pekka Enberg <penberg@kernel.org>
	Sat, 4 Feb 2012 08:30:42 +0000 (10:30 +0200)
committer	Pekka Enberg <penberg@kernel.org>
	Sat, 4 Feb 2012 08:30:42 +0000 (10:30 +0200)
commit	a03b5cb64b9f09803204014f3189869f0f72969d
tree	7aae3004f0eb1de519cd86de86f2f4adef22bc7b	tree \| snapshot
parent	76b96f4f4f01128495c524b1b44940c28786196b	commit \| diff

kvm tools, x86: Fix use after free in irq__exit()

Valgrind spotted this issue with KVM tool shutdown:

  ==1823== Invalid read of size 8
  ==1823==    at 0x410DD0: rb_next (rbtree.c:390)
  ==1823==    by 0x417376: irq__exit (irq.c:182)
  ==1823==    by 0x406230: kvm_cmd_run (builtin-run.c:1275)
  ==1823==    by 0x410670: handle_command (kvm-cmd.c:84)
  ==1823==    by 0x3DE682139C: (below main) (in /lib64/libc-2.14.so)
  ==1823==  Address 0x4f7cca0 is 0 bytes inside a block of size 48 free'd
  ==1823==    at 0x4A055FE: free (vg_replace_malloc.c:366)
  ==1823==    by 0x41736E: irq__exit (irq.c:192)
  ==1823==    by 0x406230: kvm_cmd_run (builtin-run.c:1275)
  ==1823==    by 0x410670: handle_command (kvm-cmd.c:84)
  ==1823==    by 0x3DE682139C: (below main) (in /lib64/libc-2.14.so)

Fix it up.

Signed-off-by: Pekka Enberg <penberg@kernel.org>