Hi

Sorry for my lack of understanding. But why does the memory have to be
explicitly deallocated if exit is called? In what way is that a security
issue?

I'm asking as I have seen problems with deallocation more than once.
Especially in error handlers.

/ Ola

Sent from a phone

On 13 Dec 2016 18:11, "Hugo Lefeuvre" <h...@debian.org> wrote:

Hi,

While having a look at CVE-2016-9913, I noticed that the virtio_9p_init
function in hw/9pfs/virtio-9p-device.c (renamed virtio_9p_device_realize
here[0]) doesn't clean allocated memory when encountering errors (in
the wheezy version it just does exit(1), issue fixed since this
commit[1], jessie is not affected).

I'd like to fix this issue. Should I create a tracker entry?

Cheers,
 Hugo

[0] http://git.qemu.org/?p=qemu.git;a=commit;h=59be75227d3985c9f0a9f5396fc64e357a54defb
[1] http://git.qemu.org/?p=qemu.git;a=commit;h=92304bf3998cedcf3b1026a795edba7e1fd17c74

--
             Hugo Lefeuvre (hle)    |    www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
