subject:"\[Qemu\-devel\] \[PATCH\] virtio\-scsi\: fix use\-after\-free of VirtIOSCSIReq"

Re: [Qemu-devel] [PATCH] virtio-scsi: fix use-after-free of VirtIOSCSIReq

2014-10-08 Thread Fam Zheng

On Wed, 10/08 11:37, Paolo Bonzini wrote: > scsi_req_continue can complete the request and cause the VirtIOSCSIReq > to be freed. Fetch req->sreq just once to avoid the bug. > > Reported-by: Richard Jones > Tested-by: Richard Jones > Signed-off-by: Paolo Bonzini > --- > hw/scsi/virtio-scsi.c

[Qemu-devel] [PATCH] virtio-scsi: fix use-after-free of VirtIOSCSIReq

2014-10-08 Thread Paolo Bonzini

scsi_req_continue can complete the request and cause the VirtIOSCSIReq to be freed. Fetch req->sreq just once to avoid the bug. Reported-by: Richard Jones Tested-by: Richard Jones Signed-off-by: Paolo Bonzini --- hw/scsi/virtio-scsi.c | 9 + 1 file changed, 5 insertions(+), 4 deletion