[pve-qemu-kvm.git] / debian / patches / extra / CVE-2016-9105-9pfs-fix-memory-leak-in-v9fs_link.patch

From 94979ec1a852871eaee150cb56f0e8cac4316e35 Mon Sep 17 00:00:00 2001
From: Li Qiang <liqiang6-s@360.cn>
Date: Mon, 17 Oct 2016 14:13:58 +0200
Subject: [PATCH 6/8] 9pfs: fix memory leak in v9fs_link

The v9fs_link() function keeps a reference on the source fid object. This
causes a memory leak since the reference never goes down to 0. This patch
fixes the issue.

Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Reviewed-by: Greg Kurz <groug@kaod.org>
[groug, rephrased the changelog]
Signed-off-by: Greg Kurz <groug@kaod.org>
---
 hw/9pfs/9p.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
index f5af4e3..aa2b8c0 100644
--- a/hw/9pfs/9p.c
+++ b/hw/9pfs/9p.c
@@ -2403,6 +2403,7 @@ static void v9fs_link(void *opaque)
     if (!err) {
         err = offset;
     }
+    put_fid(pdu, oldfidp);
 out:
     put_fid(pdu, dfidp);
 out_nofid:
-- 
2.1.4
Commit	Line	Data
d37b5565 WB	1	From 94979ec1a852871eaee150cb56f0e8cac4316e35 Mon Sep 17 00:00:00 2001
	2	From: Li Qiang <liqiang6-s@360.cn>
	3	Date: Mon, 17 Oct 2016 14:13:58 +0200
	4	Subject: [PATCH 6/8] 9pfs: fix memory leak in v9fs_link
	5
	6	The v9fs_link() function keeps a reference on the source fid object. This
	7	causes a memory leak since the reference never goes down to 0. This patch
	8	fixes the issue.
	9
	10	Signed-off-by: Li Qiang <liqiang6-s@360.cn>
	11	Reviewed-by: Greg Kurz <groug@kaod.org>
	12	[groug, rephrased the changelog]
	13	Signed-off-by: Greg Kurz <groug@kaod.org>
	14	---
	15	hw/9pfs/9p.c \| 1 +
	16	1 file changed, 1 insertion(+)
	17
	18	diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
	19	index f5af4e3..aa2b8c0 100644
	20	--- a/hw/9pfs/9p.c
	21	+++ b/hw/9pfs/9p.c
	22	@@ -2403,6 +2403,7 @@ static void v9fs_link(void *opaque)
	23	if (!err) {
	24	err = offset;
	25	}
	26	+ put_fid(pdu, oldfidp);
	27	out:
	28	put_fid(pdu, dfidp);
	29	out_nofid:
	30	--
	31	2.1.4
	32