[Qemu-devel] [PATCH v5 03/10] virtio-blk: fix reference a pointer which
From: zhanghailiang
Subject: [Qemu-devel] [PATCH v5 03/10] virtio-blk: fix reference a pointer which might be freed
Date: Mon, 11 Aug 2014 16:53:02 +0800
In function virtio_blk_handle_request, it may free memory pointed to by req,
so do not access members of req after calling this function.
Reviewed-by: Stefan Hajnoczi <address@hidden>
Signed-off-by: zhanghailiang <address@hidden>
---
hw/block/virtio-blk.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
index c241c50..54a853a 100644
--- a/hw/block/virtio-blk.c
+++ b/hw/block/virtio-blk.c
@@ -458,7 +458,7 @@ static void virtio_blk_handle_output(VirtIODevice *vdev,
VirtQueue *vq)
static void virtio_blk_dma_restart_bh(void *opaque)
{
VirtIOBlock *s = opaque;
- VirtIOBlockReq *req = s->rq;
+ VirtIOBlockReq *req = s->rq, *next = NULL;
MultiReqBuffer mrb = {
.num_writes = 0,
};
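Review bot: The `= NULL` initialiser on `next` in `VirtIOBlockReq *req = s->rq, *next = NULL;` is never read, because the loop assigns `next = req->next` before every use. Consider dropping the initialiser, or declaring `next` at the top of the `while (req)` body so its scope matches the region where it holds a valid value.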
@@ -469,8 +469,9 @@ static void virtio_blk_dma_restart_bh(void *opaque)
s->rq = NULL;
while (req) {
+ next = req->next;
virtio_blk_handle_request(req, &mrb);
- req = req->next;
+ req = next;
}
virtio_submit_multiwrite(s->bs, &mrb);
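Review bot: In the `while (req)` loop, nothing tells a later reader why `next` is cached before `virtio_blk_handle_request(req, &mrb)`, so a future cleanup could fold it back into `req = req->next` and reintroduce the use-after-free. A one-line comment above `next = req->next;` stating that the call may free `req` would guard against that. It is also worth confirming that the call can only release `req` itself and never the entry saved in `next`, since otherwise the saved pointer would dangle as well.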
--
1.7.12.4