libvirt/ca697e90-CVE-2013-1962.patch
James Fehlig 8806eb20b1 - fix leak after listing all volumes - CVE-2013-1962
ca697e90-CVE-2013-1962.patch
  bnc#820397
- Fix iohelper usage with streams opened for read
  a2214c52-iohelper.patch
- Cope with missing swap cgroup controls
  f493d83f-cgroup-swap-control.patch
  bnc#819976
- Fix cgroup handling when setting VCPU BW
  0471637d-cgroups-vcpu-bw.patch
  rhb#963592
- Escape a leading '.' with '_' in the cgroup names
  0ced83dc-cgroup-escape-dot.patch
- Add missing documentation on new cgroup layout
  486a86eb-cgroups-docs.patch
- Another fix related to systems with no cgroups
  c2cf5f1c-no-cgroups-fix.patch
  bnc#819963

OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=264
2013-05-18 15:17:46 +00:00

27 lines
789 B
Diff

commit ca697e90d5bd6a6dfb94bfb6d4438bdf9a44b739
Author: Ján Tomko <jtomko@redhat.com>
Date: Fri Apr 12 17:30:56 2013 +0200
daemon: fix leak after listing all volumes
CVE-2013-1962
remoteDispatchStoragePoolListAllVolumes wasn't freeing the pool.
The pool also held a reference to the connection, preventing it from
getting freed and closing the netcf interface driver, which held two
sockets open.
Index: libvirt-1.0.5/daemon/remote.c
===================================================================
--- libvirt-1.0.5.orig/daemon/remote.c
+++ libvirt-1.0.5/daemon/remote.c
@@ -4226,6 +4226,8 @@ cleanup:
virStorageVolFree(vols[i]);
VIR_FREE(vols);
}
+ if (pool)
+ virStoragePoolFree(pool);
return rv;
}