From 0293adf3792eeb797c498feefa178309d28c4803 Mon Sep 17 00:00:00 2001
Message-Id: <0293adf3792eeb797c498feefa178309d28c4803@dist-git>
From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
Date: Wed, 30 Sep 2020 17:38:15 +0200
Subject: [PATCH] qemu: agent: set ifname to NULL after freeing
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

CVE-2020-25637

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Fixes: 0977b8aa071de550e1a013d35e2c72615e65d520
Reviewed-by: Mauro Matteo Cascella <mcascell@redhat.com>
(cherry picked from commit a63b48c5ecef077bf0f909a85f453a605600cf05)
Signed-off-by: Ján Tomko <jtomko@redhat.com>

Conflicts: src/qemu/qemu_agent.c
    Commit ee247e1d which switched virStringListFree
    to g_strfreev is missing downstream.
Message-Id: <c1f5b852a6ca4afaebf4fae7633b32dbe91af328.1601480224.git.jtomko@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
---
 src/qemu/qemu_agent.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/qemu/qemu_agent.c b/src/qemu/qemu_agent.c
index d6fd02a4b6..35bef8636d 100644
--- a/src/qemu/qemu_agent.c
+++ b/src/qemu/qemu_agent.c
@@ -2055,6 +2055,7 @@ qemuAgentGetInterfaces(qemuAgentPtr mon,
 
         /* Has to be freed for each interface. */
         virStringListFree(ifname);
+        ifname = NULL;
 
         /* as well as IP address which - moreover -
          * can be presented multiple times */
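Review bot: The reset added after `virStringListFree(ifname);` closes the stale pointer at this one site, but neither the hunk nor the commit message (which carries only the CVE id) says which later path touches `ifname` again, so a backporter cannot confirm from the patch alone that this is the only place the freed list stays reachable. Please name that path in the commit message, and consider extending the existing comment "Has to be freed for each interface." to say that the pointer must also be cleared on every loop iteration. A free-and-reset in a single step (a small helper or a clear-pointer macro) would keep future edits to this loop from separating the two statements again.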
-- 
2.28.0