From 1b7381da7db7092bf774779a610f153532efa5d4 Mon Sep 17 00:00:00 2001 Message-Id: <1b7381da7db7092bf774779a610f153532efa5d4@dist-git> From: =?UTF-8?q?J=C3=A1n=20Tomko?= Date: Tue, 29 Sep 2020 14:43:06 +0200 Subject: [PATCH] qemu: agent: set ifname to NULL after freeing MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit CVE-2020-25637 Signed-off-by: Ján Tomko Reported-by: Ilja Van Sprundel Fixes: 0977b8aa071de550e1a013d35e2c72615e65d520 Reviewed-by: Mauro Matteo Cascella (cherry picked from commit a63b48c5ecef077bf0f909a85f453a605600cf05) Signed-off-by: Ján Tomko Conflicts: src/qemu/qemu_agent.c Commit ee247e1d which switched virStringListFree to g_strfreev is missing downstream. Message-Id: <01acbf07b5b165b89cc73a127fe7bda666bdf235.1601383236.git.jtomko@redhat.com> Reviewed-by: Jiri Denemark --- src/qemu/qemu_agent.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/qemu/qemu_agent.c b/src/qemu/qemu_agent.c index f13126aeee..968534b594 100644 --- a/src/qemu/qemu_agent.c +++ b/src/qemu/qemu_agent.c @@ -2192,6 +2192,7 @@ qemuAgentGetInterfaces(qemuAgentPtr mon, /* Has to be freed for each interface. */ virStringListFree(ifname); + ifname = NULL; /* as well as IP address which - moreover - * can be presented multiple times */ -- 2.28.0