Re: [Qemu-devel] [PATCH v3 1/2] block: fix dangling bs->explicit_options in block.c

2017-07-14 Thread Manos Pitsidianakis
On Fri, Jul 14, 2017 at 09:42:22AM -0500, Eric Blake wrote:
On 07/14/2017 09:35 AM, Manos Pitsidianakis wrote:
In some error paths it is possible to QDECREF a freed dangling explicit_options, resulting in a heap overflow crash. For example bdrv_open_inherit()'s fail unrefs it, then calls

Re: [Qemu-devel] [PATCH v3 1/2] block: fix dangling bs->explicit_options in block.c

2017-07-14 Thread Eric Blake
On 07/14/2017 09:35 AM, Manos Pitsidianakis wrote:
> In some error paths it is possible to QDECREF a freed dangling
> explicit_options, resulting in a heap overflow crash. For example
> bdrv_open_inherit()'s fail unrefs it, then calls bdrv_unref which calls
> bdrv_close which also unrefs it.

[Qemu-devel] [PATCH v3 1/2] block: fix dangling bs->explicit_options in block.c

2017-07-14 Thread Manos Pitsidianakis
In some error paths it is possible to QDECREF a freed dangling explicit_options, resulting in a heap overflow crash. For example bdrv_open_inherit()'s fail unrefs it, then calls bdrv_unref which calls bdrv_close which also unrefs it.

Signed-off-by: Manos Pitsidianakis
---