Commit 6a4a3853 authored by Vladimir Sementsov-Ogievskiy's avatar Vladimir Sementsov-Ogievskiy Committed by Markus Armbruster
Browse files

qga/commands-posix: fix use after free of local_err 



local_err is used several times in guest_suspend(). Setting non-NULL
local_err will crash, so let's zero it after freeing. Also fix possible
leak of local_err in final if().

Signed-off-by: default avatarVladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20200324153630.11882-7-vsementsov@virtuozzo.com>
Reviewed-by: default avatarRichard Henderson <richard.henderson@linaro.org>
Signed-off-by: default avatarMarkus Armbruster <armbru@redhat.com>
parent b0e70950

qga/commands-posix.c

+3 −0
Original line number Diff line number Diff line
@@ -1773,6 +1773,7 @@ static void guest_suspend(SuspendMode mode, Error **errp) 
    }



    error_free(local_err);

    local_err = NULL;



    if (pmutils_supports_mode(mode, &local_err)) {

        mode_supported = true;
@@ -1784,6 +1785,7 @@ static void guest_suspend(SuspendMode mode, Error **errp) 
    }



    error_free(local_err);

    local_err = NULL;



    if (linux_sys_state_supports_mode(mode, &local_err)) {

        mode_supported = true;
@@ -1791,6 +1793,7 @@ static void guest_suspend(SuspendMode mode, Error **errp) 
    }



    if (!mode_supported) {

        error_free(local_err);

        error_setg(errp,

                   "the requested suspend mode is not supported by the guest");

    } else {