From: Kevin Wolf <kwolf@redhat.com>
To: anthony@codemonkey.ws
Cc: kwolf@redhat.com, qemu-devel@nongnu.org
Subject: [Qemu-devel] [PATCH 06/55] block: Fix bdrv_open use after free
Date: Mon, 31 Oct 2011 14:29:41 +0100 [thread overview]
Message-ID: <1320067830-12093-7-git-send-email-kwolf@redhat.com> (raw)
In-Reply-To: <1320067830-12093-1-git-send-email-kwolf@redhat.com>
tmp_filename was used outside the block it was defined in, i.e. after it went
out of scope. Move its declaration to the top level.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/block.c b/block.c
index f86984f..d5ec0be 100644
--- a/block.c
+++ b/block.c
@@ -571,6 +571,7 @@ int bdrv_open(BlockDriverState *bs, const char *filename, int flags,
BlockDriver *drv)
{
int ret;
+ char tmp_filename[PATH_MAX];
if (flags & BDRV_O_SNAPSHOT) {
BlockDriverState *bs1;
@@ -578,7 +579,6 @@ int bdrv_open(BlockDriverState *bs, const char *filename, int flags,
int is_protocol = 0;
BlockDriver *bdrv_qcow2;
QEMUOptionParameter *options;
- char tmp_filename[PATH_MAX];
char backing_filename[PATH_MAX];
/* if snapshot, we create a temporary backing file and open it
--
1.7.6.4
next prev parent reply other threads:[~2011-10-31 13:27 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-10-31 13:29 [Qemu-devel] [PULL 00/55] Block patches Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 01/55] iSCSI block driver Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 02/55] Documentation: Add iSCSI section Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 03/55] Teach block/vdi about "discarded" (no longer allocated) blocks Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 04/55] qcow2: fix some errors and typo in qcow2.txt Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 05/55] block: Remove dead code Kevin Wolf
2011-10-31 13:29 ` Kevin Wolf [this message]
2011-10-31 13:29 ` [Qemu-devel] [PATCH 07/55] qcow: Fix bdrv_write_compressed error handling Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 08/55] ide: Fix off-by-one error in array index check Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 09/55] vmdk: Fix use of uninitialised value Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 10/55] vmdk: Improve error handling Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 11/55] vmdk: Fix possible segfaults Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 12/55] Documentation: Describe NBD URL syntax Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 13/55] block: fix qcow2_co_flush deadlock Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 14/55] qemu-io: delete bs instead of leaking it Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 15/55] block: set bs->read_only before .bdrv_open() Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 16/55] block: reinitialize across bdrv_close()/bdrv_open() Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 17/55] Documentation: Add syntax for using sheepdog devices Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 18/55] scsi: pass correct sense code for ENOMEDIUM Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 19/55] atapi/scsi: unify definitions for MMC Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 20/55] atapi: move GESN definitions to scsi-defs.h Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 21/55] atapi: cleanup/fix mode sense results Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 22/55] scsi: notify the device when unit attention is reported Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 23/55] scsi-disk: report media changed via unit attention sense codes Kevin Wolf
2011-10-31 13:29 ` [Qemu-devel] [PATCH 24/55] scsi-disk: fix coding style issues (braces) Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 25/55] scsi-disk: add stubs for more MMC commands Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 26/55] scsi-disk: store valid mode pages in a table Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 27/55] atapi/scsi-disk: make mode page values coherent between the two Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 28/55] scsi-disk: support DVD profile in GET CONFIGURATION Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 29/55] scsi-disk: support READ DVD STRUCTURE Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 30/55] scsi-disk: report media changed via GET EVENT STATUS NOTIFICATION Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 31/55] scsi: move tcq/ndev to SCSIBusOps (now SCSIBusInfo) Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 32/55] qdev: switch children device list to QTAILQ Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 33/55] scsi: remove devs array from SCSIBus Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 34/55] scsi: implement REPORT LUNS for arbitrary LUNs Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 35/55] scsi: allow " Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 36/55] scsi: add channel to addressing Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 37/55] scsi-disk: fail READ CAPACITY if LBA != 0 but PMI == 0 Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 38/55] scsi-disk: fix retrying a flush Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 39/55] scsi-generic: drop SCSIGenericState Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 40/55] scsi-generic: remove scsi_req_fixup Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 41/55] scsi-generic: check ioctl statuses when SG_IO succeeds Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 42/55] scsi-generic: look at host status Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 43/55] scsi-generic: snoop READ CAPACITY commands to get block size Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 44/55] scsi-disk: do not duplicate BlockDriverState member Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 45/55] scsi-disk: remove cluster_size Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 46/55] scsi-disk: small clean up to INQUIRY Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 47/55] scsi: move max_lba to SCSIDevice Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 48/55] scsi: make reqops const Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 49/55] scsi: export scsi_generic_reqops Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 50/55] scsi: pass cdb to alloc_req Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 51/55] scsi: do not call transfer_data after canceling a request Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 52/55] scsi-disk: bump SCSIRequest reference count until aio completion runs Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 53/55] scsi-generic: " Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 54/55] scsi: push request restart to SCSIDevice Kevin Wolf
2011-10-31 13:30 ` [Qemu-devel] [PATCH 55/55] scsi-disk: add scsi-block for device passthrough Kevin Wolf
2011-10-31 16:52 ` [Qemu-devel] [PULL 00/55] Block patches Anthony Liguori
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1320067830-12093-7-git-send-email-kwolf@redhat.com \
--to=kwolf@redhat.com \
--cc=anthony@codemonkey.ws \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).