rpms/qemu
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
eaa6ce4fe2
qemu/0038-9pfs-add-cleanup-operation-for-proxy-backend-driver.patch
Cole Robinson a0f61528af CVE-2016-6836: vmxnet: Information leakage in vmxnet3_complete_packet (bz #1366370) 
CVE-2016-7909: pcnet: Infinite loop in pcnet_rdra_addr (bz #1381196)
CVE-2016-7994: virtio-gpu: memory leak in resource_create_2d (bz #1382667)
CVE-2016-8577: 9pfs: host memory leakage in v9fs_read (bz #1383286)
CVE-2016-8578: 9pfs: potential NULL dereferencein 9pfs routines (bz #1383292)
CVE-2016-8668: OOB buffer access in rocker switch emulation (bz #1384898)
CVE-2016-8669: divide by zero error in serial_update_parameters (bz #1384911)
CVE-2016-8909: intel-hda: infinite loop in dma buffer stream (bz #1388053)
Infinite loop vulnerability in a9_gtimer_update (bz #1388300)
CVE-2016-9101: eepro100: memory leakage at device unplug (bz #1389539)
CVE-2016-9103: 9pfs: information leakage via xattr (bz #1389643)
CVE-2016-9102: 9pfs: memory leakage when creating extended attribute (bz #1389551)
CVE-2016-9104: 9pfs: integer overflow leading to OOB access (bz #1389687)
CVE-2016-9105: 9pfs: memory leakage in v9fs_link (bz #1389704)
CVE-2016-9106: 9pfs: memory leakage in v9fs_write (bz #1389713)
CVE-2016-9381: xen: incautious about shared ring processing (bz #1397385)
CVE-2016-9921: Divide by zero vulnerability in cirrus_do_copy (bz #1399054)
CVE-2016-9776: infinite loop while receiving data in mcf_fec_receive (bz #1400830)
CVE-2016-9845: information leakage in virgl_cmd_get_capset_info (bz #1402247)
CVE-2016-9846: virtio-gpu: memory leakage while updating cursor data (bz #1402258)
CVE-2016-9907: usbredir: memory leakage when destroying redirector (bz #1402266)
CVE-2016-9911: usb: ehci: memory leakage in ehci_init_transfer (bz #1402273)
CVE-2016-9913: 9pfs: memory leakage via proxy/handle callbacks (bz #1402277)
CVE-2016-10028: virtio-gpu-3d: OOB access while reading virgl capabilities (bz #1406368)
CVE-2016-9908: virtio-gpu: information leakage in virgl_cmd_get_capset (bz #1402263)
CVE-2016-9912: virtio-gpu: memory leakage when destroying gpu resource (bz #1402285)
2017-01-16 16:04:06 -05:00

45 lines
1.3 KiB
Diff
Raw Blame History

From: Li Qiang <liq3ea@gmail.com>
Date: Wed, 23 Nov 2016 13:53:34 +0100
Subject: [PATCH] 9pfs: add cleanup operation for proxy backend driver
In the init operation of proxy backend dirver, it allocates a
V9fsProxy struct and some other resources. We should free these
resources when the 9pfs device is unrealized. This is what this
patch does.
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: Greg Kurz <groug@kaod.org>
(cherry picked from commit 898ae90a44551d25b8e956fd87372d303c82fe68)
---
hw/9pfs/9p-proxy.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/hw/9pfs/9p-proxy.c b/hw/9pfs/9p-proxy.c
index f265501..336e9fe 100644
--- a/hw/9pfs/9p-proxy.c
+++ b/hw/9pfs/9p-proxy.c
@@ -1179,9 +1179,22 @@ static int proxy_init(FsContext *ctx)
return 0;
}
+static void proxy_cleanup(FsContext *ctx)
+{
+ V9fsProxy *proxy = ctx->private;
+
+ g_free(proxy->out_iovec.iov_base);
+ g_free(proxy->in_iovec.iov_base);
+ if (ctx->export_flags & V9FS_PROXY_SOCK_NAME) {
+ close(proxy->sockfd);
+ }
+ g_free(proxy);
+}
+
FileOperations proxy_ops = {
.parse_opts = proxy_parse_opts,
.init = proxy_init,
+ .cleanup = proxy_cleanup,
.lstat = proxy_lstat,
.readlink = proxy_readlink,
.close = proxy_close,
Reference in New Issue View Git Blame Copy Permalink