diff options
author | Matthew Daley <mattjd@gmail.com> | 2013-09-10 22:18:46 +1200 |
---|---|---|
committer | Ian Jackson <Ian.Jackson@eu.citrix.com> | 2013-10-10 16:06:21 +0100 |
commit | 2350e70ee06c903a927340f7a0bf9ca25acce3f3 (patch) | |
tree | 25fd40b63b07f150cfd9d034842794808bf9ad57 | |
parent | debfacf7d68de8e39a06ebc7f7b22386b28ce6fb (diff) | |
download | xen-2350e70ee06c903a927340f7a0bf9ca25acce3f3.tar.gz xen-2350e70ee06c903a927340f7a0bf9ca25acce3f3.tar.bz2 xen-2350e70ee06c903a927340f7a0bf9ca25acce3f3.zip |
libxl: fix out-of-memory error handling in libxl_list_cpupool
...otherwise it will return freed memory. All the current users of this
function check already for a NULL return, so use that.
Coverity-ID: 1056194
This is CVE-2013-4371 / XSA-70
Signed-off-by: Matthew Daley <mattjd@gmail.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
(cherry picked from commit 4c37ed562224295c0f8b00211287d57cae629782)
-rw-r--r-- | tools/libxl/libxl.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/tools/libxl/libxl.c b/tools/libxl/libxl.c index dcb3df929c..826236f2c8 100644 --- a/tools/libxl/libxl.c +++ b/tools/libxl/libxl.c @@ -649,6 +649,7 @@ libxl_cpupoolinfo * libxl_list_cpupool(libxl_ctx *ctx, int *nb_pool_out) if (!tmp) { LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "allocating cpupool info"); libxl_cpupoolinfo_list_free(ptr, i); + ptr = NULL; goto out; } ptr = tmp; |