[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v3] make check-unit: use after free in test-opts
|
From: |
Andrey Shinkevich |
|
Subject: |
Re: [Qemu-devel] [PATCH v3] make check-unit: use after free in test-opts-visitor |
|
Date: |
Wed, 21 Aug 2019 11:55:07 +0000 |
On 21/08/2019 14:25, Markus Armbruster wrote:
> Andrey Shinkevich <address@hidden> writes:
>
>> In the struct OptsVisitor, the 'repeated_opts' member points to a list
>> in the 'unprocessed_opts' hash table after the list has been destroyed.
>> A subsequent call to visit_type_int() references the deleted list.
>> It results in use-after-free issue reproduced by running the test case
>> under the Valgrind: valgrind tests/test-opts-visitor.
>> A new mode ListMode::LM_TRAVERSED is declared to mark the list
>> traversal completed.
>>
>> Suggested-by: Markus Armbruster <address@hidden>
>> Signed-off-by: Andrey Shinkevich <address@hidden>
>
> Reviewed-by: Markus Armbruster <address@hidden>
>
> Queued. Thanks!
>
Thank you very much Markus!
Andrey
--
With the best regards,
Andrey Shinkevich