[CRIU] [PATCH] image: don't free an img object from pb_write_one()
Pavel Emelyanov
xemul at parallels.com
Tue May 5 03:41:19 PDT 2015
On 05/01/2015 04:03 PM, Andrey Vagin wrote:
> This is unexpected behaviour.
> pb_write_one
> open_image_lazy
> do_open_image
> xfree(img)
>
> 255 if (pb_write_one(img, &cpu_info, PB_CPUINFO) < 0) {
>>>> CID 92728: Memory - illegal accesses (USE_AFTER_FREE)
>>>> Calling "close_image" dereferences freed pointer "img".
> 256 close_image(img);
> 257 return -1;
> 258 }
>
> Signed-off-by: Andrey Vagin <avagin at openvz.org>
Applied, thanks
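As an added illustration of the ownership contract behind this fix (constructed for this page, not CRIU's code and not part of the thread): when a callee frees the object it was handed on its own error path, the caller's cleanup in the quoted hunk dereferences freed memory. The struct and function names below are stand-ins, and the pseudo-allocator keeps the freed object addressable so the mistake is reported rather than left as undefined behaviour.

```c
/* Hypothetical minimal stand-in for CRIU's image object; not CRIU's code. */
struct cr_img {
    int freed;   /* set by img_free() so a later touch is detectable */
};
/* Pseudo-allocator over one static slot: a freed object stays addressable,
 * so touching it is detected here instead of being undefined behaviour. */
static struct cr_img slot;
static struct cr_img *img_alloc(void)
{
    slot.freed = 0;
    return &slot;
}
static int img_free(struct cr_img *img)
{
    if (img->freed)
        return -1;          /* double free */
    img->freed = 1;
    return 0;
}
/* Caller-side cleanup, as in the quoted code: it dereferences img. */
static int close_image(struct cr_img *img)
{
    if (img->freed)
        return -1;          /* USE_AFTER_FREE: the pattern CID 92728 flagged */
    return img_free(img);
}
/* Buggy contract: the callee frees the caller's object on its error path. */
static int write_one_buggy(struct cr_img *img, int fail)
{
    if (fail) {
        img_free(img);      /* ownership silently taken from the caller */
        return -1;
    }
    return 0;
}
/* Fixed contract: the callee only reports failure; the owner frees once. */
static int write_one_fixed(struct cr_img *img, int fail)
{
    (void)img;
    return fail ? -1 : 0;
}
/* Drive the quoted error path ("close_image(img); return -1;") with either
 * contract. Returns 0 for a clean cleanup, -1 if close_image() hit freed img. */
static int error_path(int (*write_one)(struct cr_img *, int))
{
    struct cr_img *img = img_alloc();
    (void)write_one(img, 1);   /* forced failure, as in the flagged path */
    return close_image(img);
}
```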