On 07/14/2017 09:35 AM, Manos Pitsidianakis wrote:
> In some error paths it is possible to QDECREF a freed dangling
> explicit_options, resulting in a heap overflow crash. For example
> bdrv_open_inherit()'s fail unrefs it, then calls bdrv_unref which calls
> bdrv_close which also unrefs it.
>
> Signed-off-by: Manos Pitsidianakis <el13...@mail.ntua.gr>
> ---
>  block.c | 2 ++
>  1 file changed, 2 insertions(+)

Reviewed-by: Eric Blake <ebl...@redhat.com>

Can you pinpoint which commit introduced the bug, in order to decide if
this affects 2.9 and should therefore be cc'd to qemu-stable?

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org
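The double release described in the quoted commit message, reduced to a toy model as an added example (not QEMU code and not part of the original thread). `Opts`, `Node`, `opts_unref`, `node_close` and both `fail_path_*` functions are hypothetical stand-ins, and the release is recorded in flags instead of calling `free()` so the dangling path can run safely. Clearing the pointer after the unref is a common idiom assumed here; the thread does not include the patch body.

```c
#include <stddef.h>
#include <stdio.h>

/* Toy refcounted object standing in for an options dict (hypothetical type). */
typedef struct { int refcnt; int freed; int stale_unrefs; } Opts;

/* Drop one reference. Instead of calling free(), record the release so the
 * dangling path can be observed without real memory corruption. */
static void opts_unref(Opts *o)
{
    if (o == NULL) return;                        /* no-op on NULL in this model */
    if (o->freed) { o->stale_unrefs++; return; }  /* real code: use-after-free */
    if (--o->refcnt == 0) o->freed = 1;           /* real code: free(o) */
}

typedef struct { Opts *explicit_options; } Node;

/* Teardown path: releases whatever the node still points at. */
static void node_close(Node *n)
{
    opts_unref(n->explicit_options);
    n->explicit_options = NULL;
}

/* Error path that unrefs, leaves the pointer dangling, then tears down. */
static int fail_path_dangling(Opts *o)
{
    Node n = { .explicit_options = o };
    opts_unref(n.explicit_options);     /* first release */
    node_close(&n);                     /* second release via stale pointer */
    return o->stale_unrefs;
}

/* Same error path, clearing the pointer right after the release. */
static int fail_path_cleared(Opts *o)
{
    Node n = { .explicit_options = o };
    opts_unref(n.explicit_options);
    n.explicit_options = NULL;          /* teardown now sees NULL */
    node_close(&n);
    return o->stale_unrefs;
}

int main(void)
{
    Opts a = { .refcnt = 1 }, b = { .refcnt = 1 };
    printf("dangling: %d stale unref(s)\n", fail_path_dangling(&a));
    printf("cleared:  %d stale unref(s)\n", fail_path_cleared(&b));
    return 0;
}
```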