qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v3] make check-unit: use after free in test-opts

From: Markus Armbruster
Subject: Re: [Qemu-devel] [PATCH v3] make check-unit: use after free in test-opts-visitor
Date: Wed, 21 Aug 2019 13:25:19 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux) 
Andrey Shinkevich <address@hidden> writes:

> In the struct OptsVisitor, the 'repeated_opts' member points to a list
> in the 'unprocessed_opts' hash table after the list has been destroyed.
> A subsequent call to visit_type_int() references the deleted list.
> It results in use-after-free issue reproduced by running the test case
> under the Valgrind: valgrind tests/test-opts-visitor.
> A new mode ListMode::LM_TRAVERSED is declared to mark the list
> traversal completed.
>
> Suggested-by: Markus Armbruster <address@hidden>
> Signed-off-by: Andrey Shinkevich <address@hidden>

Reviewed-by: Markus Armbruster <address@hidden>

Queued.  Thanks!
reply via email to
[Prev in Thread] Current Thread [Next in Thread]