If cleanup_virt_device is called twice (e.g. during modify resource) a double free can occur because only the dev substructure has been memset to zero. Now zeroing the entire structure.
Signed-off-by: Viktor Mihajlovski <[email protected]> --- libxkutil/device_parsing.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libxkutil/device_parsing.c b/libxkutil/device_parsing.c index 0636864..076bec0 100644 --- a/libxkutil/device_parsing.c +++ b/libxkutil/device_parsing.c @@ -308,7 +308,7 @@ void cleanup_virt_device(struct virt_device *dev) free(dev->id); - memset(&dev->dev, 0, sizeof(dev->dev)); + memset(dev, 0, sizeof(*dev)); } void cleanup_virt_devices(struct virt_device **_devs, int count) -- 1.7.9.5 _______________________________________________ Libvirt-cim mailing list [email protected] https://www.redhat.com/mailman/listinfo/libvirt-cim
