From 15d641feff137696f82aade8aaa56dea976cefeb Mon Sep 17 00:00:00 2001
Message-Id: <15d641feff137696f82aade8aaa56dea976cefeb.1377873639.git.jdenemar@redhat.com>
From: Alex Jia <ajia@redhat.com>
Date: Wed, 14 Aug 2013 13:55:26 +0200
Subject: [PATCH] remote: Fix a segfault in remoteDomainCreateWithFlags
Valgrind detects a memory error:
==16759== 1 errors in context 1 of 8:
==16759== Invalid free() / delete / delete[] / realloc()
==16759==    at 0x4A074C4: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==16759==    by 0x83CD329: xdr_string (in /usr/lib64/libc-2.17.so)
==16759==    by 0x4D93E4D: xdr_remote_nonnull_string (remote_protocol.c:31)
==16759==    by 0x4D94350: xdr_remote_nonnull_domain (remote_protocol.c:58)
==16759==    by 0x4D976C8: xdr_remote_domain_create_with_flags_ret (remote_protocol.c:1762)
==16759==    by 0x83CC734: xdr_free (in /usr/lib64/libc-2.17.so)
==16759==    by 0x4D7F1E0: remoteDomainCreateWithFlags (remote_driver.c:2441)
==16759==    by 0x4D4BF17: virDomainCreateWithFlags (libvirt.c:9499)
==16759==    by 0x13127A: cmdStart (virsh-domain.c:3376)
==16759==    by 0x12BF83: vshCommandRun (virsh.c:1751)
==16759==    by 0x126FFB: main (virsh.c:3205)
==16759==  Address 0xe1394a0 is not stack'd, malloc'd or (recently) free'd
==16759== 1 errors in context 2 of 8:
==16759== Conditional jump or move depends on uninitialised value(s)
==16759==    at 0x4A07477: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==16759==    by 0x83CD329: xdr_string (in /usr/lib64/libc-2.17.so)
==16759==    by 0x4D93E4D: xdr_remote_nonnull_string (remote_protocol.c:31)
==16759==    by 0x4D94350: xdr_remote_nonnull_domain (remote_protocol.c:58)
==16759==    by 0x4D976C8: xdr_remote_domain_create_with_flags_ret (remote_protocol.c:1762)
==16759==    by 0x83CC734: xdr_free (in /usr/lib64/libc-2.17.so)
==16759==    by 0x4D7F1E0: remoteDomainCreateWithFlags (remote_driver.c:2441)
==16759==    by 0x4D4BF17: virDomainCreateWithFlags (libvirt.c:9499)
==16759==    by 0x13127A: cmdStart (virsh-domain.c:3376)
==16759==    by 0x12BF83: vshCommandRun (virsh.c:1751)
==16759==    by 0x126FFB: main (virsh.c:3205)
==16759==  Uninitialised value was created by a stack allocation
==16759==    at 0x4D7F120: remoteDomainCreateWithFlags (remote_driver.c:2423)
How to reproduce?
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=994855
Signed-off-by: Alex Jia <ajia@redhat.com>
(cherry picked from commit be7a89e8cabbc0e222b9e39c6266ece576295fe3)
---
 src/remote/remote_driver.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
43fe83
index f828eef..71d0034 100644
43fe83
--- a/src/remote/remote_driver.c
43fe83
+++ b/src/remote/remote_driver.c
43fe83
@@ -2431,6 +2431,7 @@ remoteDomainCreateWithFlags(virDomainPtr dom, unsigned int flags)
43fe83
     make_nonnull_domain(&args.dom, dom);
43fe83
     args.flags = flags;
43fe83
 
43fe83
+    memset(&ret, 0, sizeof(ret));
43fe83
     if (call(dom->conn, priv, 0, REMOTE_PROC_DOMAIN_CREATE_WITH_FLAGS,
43fe83
              (xdrproc_t)xdr_remote_domain_create_with_flags_args, (char *)&args,
43fe83
              (xdrproc_t)xdr_remote_domain_create_with_flags_ret, (char *)&ret) == -1) {
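Review bot: The added `memset(&ret, 0, sizeof(ret));` carries no comment explaining why it must precede `call()`, so a later cleanup could drop it as redundant initialisation. Going by the Valgrind trace in the commit message, `xdr_free()` reaches `free()` through `xdr_string` on a value created by a stack allocation in this function, which suggests the XDR layer treats whatever pointer sits in `ret` as a buffer it owns; because `ret` is filled from the remote daemon's reply, leaving it uninitialised is a memory-safety problem, not a cosmetic one. I would add `/* ret must start zeroed: the XDR decode and xdr_free() treat a non-NULL string pointer in it as a live buffer */` directly above the memset. The declaration of `ret` and the `xdr_free()` call lie outside the hunk, so it is worth checking there whether other hand-written callers in remote_driver.c that pass a reply struct containing strings zero it the same way.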
-- 
1.8.3.2