From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1MySJK-0005mi-ED for qemu-devel@nongnu.org; Thu, 15 Oct 2009 11:32:14 -0400 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1MySJG-0005m2-S8 for qemu-devel@nongnu.org; Thu, 15 Oct 2009 11:32:14 -0400 Received: from [199.232.76.173] (port=33192 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1MySJG-0005lx-Mh for qemu-devel@nongnu.org; Thu, 15 Oct 2009 11:32:10 -0400 Received: from mx1.redhat.com ([209.132.183.28]:9117) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1MySJF-0000K5-WA for qemu-devel@nongnu.org; Thu, 15 Oct 2009 11:32:10 -0400 Received: from int-mx05.intmail.prod.int.phx2.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.18]) by mx1.redhat.com (8.13.8/8.13.8) with ESMTP id n9FFW90S012901 for ; Thu, 15 Oct 2009 11:32:09 -0400 From: Kevin Wolf Date: Thu, 15 Oct 2009 17:31:01 +0200 Message-Id: <1255620661-6810-1-git-send-email-kwolf@redhat.com> Subject: [Qemu-devel] [PATCH] qcow2: Fix grow_refcount_table error handling List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Cc: Kevin Wolf In case of failure, we haven't increased the refcount for the newly allocated cluster yet. Therefore we must not free the cluster or its refcount will become negative (and endless recursion is possible). Signed-off-by: Kevin Wolf --- block/qcow2-refcount.c | 1 - 1 files changed, 0 insertions(+), 1 deletions(-) diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c index 609eee1..3026678 100644 --- a/block/qcow2-refcount.c +++ b/block/qcow2-refcount.c @@ -182,7 +182,6 @@ static int grow_refcount_table(BlockDriverState *bs, int min_size) qcow2_free_clusters(bs, old_table_offset, old_table_size * sizeof(uint64_t)); return 0; fail: - qcow2_free_clusters(bs, table_offset, new_table_size2); qemu_free(new_table); return -EIO; } -- 1.6.2.5