qemu/migration
Vladimir Sementsov-Ogievskiy f9c8caa04f migration: fix use-after-free of to_dst_file
hmp_savevm calls qemu_savevm_state(f), which sets to_dst_file=f in
global migration state. Then hmp_savevm closes f (g_free called).

Next access to to_dst_file in migration state (for example,
qmp_migrate_set_speed) will use it after it was freed.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20170225193155.447462-5-vsementsov@virtuozzo.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2017-02-28 11:30:23 +00:00
Makefile.objs build: remove --enable-colo/--disable-colo 2017-01-16 17:52:35 +01:00
block.c migration/block: Convert saving to BlockBackend 2016-06-08 10:21:08 +02:00
colo-comm.c COLO: Add 'x-colo-lost-heartbeat' command to trigger failover 2016-10-30 15:17:39 +05:30
colo-failover.c COLO: Implement the process of failover for primary VM 2016-10-30 15:17:39 +05:30
colo.c COLO: Don't process failover request while loading VM's state 2017-02-13 17:27:13 +00:00
exec.c migration: set name for all I/O channels created 2016-10-27 09:13:10 +02:00
fd.c migration: set name for all I/O channels created 2016-10-27 09:13:10 +02:00
migration.c migrate: Introduce a 'dc->vmsd' check to avoid segfault for --only-migratable 2017-02-28 11:30:22 +00:00
postcopy-ram.c migration/postcopy: Explicitly disallow huge pages 2016-10-13 17:23:53 +02:00
qemu-file-channel.c migration: introduce a new QEMUFile impl based on QIOChannel 2016-05-26 11:31:24 +05:30
qemu-file.c add 'release-ram' migrate capability 2017-02-13 17:27:13 +00:00
qjson.c qjson: free str 2016-08-08 00:00:24 +04:00
ram.c migrate: Introduce zero RAM checks to skip RAM migration 2017-02-13 17:27:13 +00:00
rdma.c migration/rdma: Don't flag an error when we've been told about one 2016-10-13 17:22:38 +02:00
savevm.c migration: fix use-after-free of to_dst_file 2017-02-28 11:30:23 +00:00
socket.c io: change the QIOTask callback signature 2017-01-23 15:32:18 +00:00
tls.c io: change the QIOTask callback signature 2017-01-23 15:32:18 +00:00
trace-events trace: clean up trace-events files 2017-01-31 17:12:15 +00:00
vmstate.c migration/vmstate: fix array of ptr with nullptrs 2017-02-28 11:29:00 +00:00
xbzrle.c util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00