]> git.proxmox.com Git - mirror_qemu.git/commit - hw/scsi/virtio-scsi.c
projects / mirror_qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cdebec5) | patch
virtio-scsi: fix use-after-free of VirtIOSCSIReq
authorPaolo Bonzini <pbonzini@redhat.com>
Tue, 7 Oct 2014 23:19:00 +0000 (01:19 +0200)
committerPaolo Bonzini <pbonzini@redhat.com>
Thu, 9 Oct 2014 13:36:15 +0000 (15:36 +0200)
commit35e4e96c4d5bfcf8a22930d8e99f7c8c44420062
treec5603336cb7682e5aa965e5acba854ed827b9f62tree
parentcdebec5e40bd0af82da0659f37af85ee2aa2c9d1commit | diff
virtio-scsi: fix use-after-free of VirtIOSCSIReq

scsi_req_continue can complete the request and cause the VirtIOSCSIReq
to be freed.  Fetch req->sreq just once to avoid the bug.

Reported-by: Richard Jones <rjones@redhat.com>
Tested-by: Richard Jones <rjones@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
hw/scsi/virtio-scsi.c diff | blob | blame | history
QEMU mirror