[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL v2 12/13] softmmu/qdev-monitor: fix use-after-free in qdev_set_id(
From: |
Hanna Reitz |
Subject: |
[PULL v2 12/13] softmmu/qdev-monitor: fix use-after-free in qdev_set_id() |
Date: |
Tue, 16 Nov 2021 14:06:17 +0100 |
From: Stefan Hajnoczi <stefanha@redhat.com>
Reported by Coverity (CID 1465222).
Fixes: 4a1d937796de0fecd8b22d7dbebf87f38e8282fd ("softmmu/qdev-monitor: add
error handling in qdev_set_id")
Cc: Damien Hedde <damien.hedde@greensocs.com>
Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20211102163342.31162-1-stefanha@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Damien Hedde <damien.hedde@greensocs.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20211115145409.176785-14-kwolf@redhat.com>
Signed-off-by: Hanna Reitz <hreitz@redhat.com>
---
softmmu/qdev-monitor.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/softmmu/qdev-monitor.c b/softmmu/qdev-monitor.c
index b5aaae4b8c..01ec420e61 100644
--- a/softmmu/qdev-monitor.c
+++ b/softmmu/qdev-monitor.c
@@ -593,8 +593,8 @@ const char *qdev_set_id(DeviceState *dev, char *id, Error
**errp)
if (prop) {
dev->id = id;
} else {
- g_free(id);
error_setg(errp, "Duplicate device ID '%s'", id);
+ g_free(id);
return NULL;
}
} else {
--
2.33.1
- [PULL v2 02/13] block: Manipulate children list in .attach/.detach, (continued)
- [PULL v2 02/13] block: Manipulate children list in .attach/.detach, Hanna Reitz, 2021/11/16
- [PULL v2 03/13] block: Unite remove_empty_child and child_free, Hanna Reitz, 2021/11/16
- [PULL v2 04/13] block: Drop detached child from ignore list, Hanna Reitz, 2021/11/16
- [PULL v2 06/13] block: Restructure remove_file_or_backing_child(), Hanna Reitz, 2021/11/16
- [PULL v2 05/13] block: Pass BdrvChild ** to replace_child_noperm, Hanna Reitz, 2021/11/16
- [PULL v2 07/13] transactions: Invoke clean() after everything else, Hanna Reitz, 2021/11/16
- [PULL v2 08/13] block: Let replace_child_tran keep indirect pointer, Hanna Reitz, 2021/11/16
- [PULL v2 10/13] iotests/030: Unthrottle parallel jobs in reverse, Hanna Reitz, 2021/11/16
- [PULL v2 11/13] docs: Deprecate incorrectly typed device_add arguments, Hanna Reitz, 2021/11/16
- [PULL v2 09/13] block: Let replace_child_noperm free children, Hanna Reitz, 2021/11/16
- [PULL v2 12/13] softmmu/qdev-monitor: fix use-after-free in qdev_set_id(),
Hanna Reitz <=
- [PULL v2 13/13] file-posix: Fix alignment after reopen changing O_DIRECT, Hanna Reitz, 2021/11/16
- [PULL v2 01/13] stream: Traverse graph after modification, Hanna Reitz, 2021/11/16
- Re: [PULL v2 00/13] Block patches, Richard Henderson, 2021/11/16