projects / qemu.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2c9bf30)
char: remove use-after-free on win-stdio
authorMarc-André Lureau <marcandre.lureau@redhat.com>
Sat, 22 Oct 2016 09:52:42 +0000 (12:52 +0300)
committerPaolo Bonzini <pbonzini@redhat.com>
Mon, 24 Oct 2016 13:27:19 +0000 (15:27 +0200)
Found by reviewing the code, win_stdio_close() is called by
qemu_chr_free() which then call qemu_chr_free_common() taking care of
freeing CharDriverState*.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20161022095318.17775-3-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
qemu-char.c patch | blob | history

diff --git a/qemu-char.c b/qemu-char.c
index d83a89618e19709e3c7715c7dd3b1681a3f94ffd..9165051f2aaef542384b2505e592b7000cab93e5 100644 (file)
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -2435,7 +2435,6 @@ static void win_stdio_close(CharDriverState *chr)
     }
 
     g_free(chr->opaque);
-    g_free(chr);
 }
 
 static CharDriverState *qemu_chr_open_stdio(const char *id,
Unnamed repository; edit this file 'description' to name the repository.