f036a54ad6
Refine the reproducible build changes to no longer override linux commands, but rather fix via patches only. Also fix all the recent security issues reported. OBS-URL: https://build.opensuse.org/request/show/441247 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=320
40 lines
1.3 KiB
Diff
40 lines
1.3 KiB
Diff
From 5f29f9ab1d097cf326dfa477f75d30117f668b49 Mon Sep 17 00:00:00 2001
|
|
From: Li Qiang <liqiang6-s@360.cn>
|
|
Date: Mon, 17 Oct 2016 14:13:58 +0200
|
|
Subject: [PATCH] 9pfs: fix potential host memory leak in v9fs_read
|
|
|
|
In 9pfs read dispatch function, it doesn't free two QEMUIOVector
|
|
object thus causing potential memory leak. This patch avoid this.
|
|
|
|
Signed-off-by: Li Qiang <liqiang6-s@360.cn>
|
|
Signed-off-by: Greg Kurz <groug@kaod.org>
|
|
(cherry picked from commit e95c9a493a5a8d6f969e86c9f19f80ffe6587e19)
|
|
[BR: CVE-2016-8577 BSC#1003893]
|
|
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
|
---
|
|
hw/9pfs/9p.c | 5 +++--
|
|
1 file changed, 3 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
|
|
index 239aef4..4a71cff 100644
|
|
--- a/hw/9pfs/9p.c
|
|
+++ b/hw/9pfs/9p.c
|
|
@@ -1812,14 +1812,15 @@ static void v9fs_read(void *opaque)
|
|
if (len < 0) {
|
|
/* IO error return the error */
|
|
err = len;
|
|
- goto out;
|
|
+ goto out_free_iovec;
|
|
}
|
|
} while (count < max_count && len > 0);
|
|
err = pdu_marshal(pdu, offset, "d", count);
|
|
if (err < 0) {
|
|
- goto out;
|
|
+ goto out_free_iovec;
|
|
}
|
|
err += offset + count;
|
|
+out_free_iovec:
|
|
qemu_iovec_destroy(&qiov);
|
|
qemu_iovec_destroy(&qiov_full);
|
|
} else if (fidp->fid_type == P9_FID_XATTR) {
|