On 11/25/2011 12:56 PM, Kevin Wolf wrote:
qemu_iovec_destroy does not clear the QEMUIOVector fully, and the data
> could thus be used after free or freed again. While I do not know any
> example in the tree, I observed this using virtio-scsi (and SCSI
> scatter/gather) when canceling DMA requ
Am 25.11.2011 12:06, schrieb Paolo Bonzini:
> qemu_iovec_destroy does not clear the QEMUIOVector fully, and the data
> could thus be used after free or freed again. While I do not know any
> example in the tree, I observed this using virtio-scsi (and SCSI
> scatter/gather) when canceling DMA reque
qemu_iovec_destroy does not clear the QEMUIOVector fully, and the data
could thus be used after free or freed again. While I do not know any
example in the tree, I observed this using virtio-scsi (and SCSI
scatter/gather) when canceling DMA requests.
Signed-off-by: Paolo Bonzini
---
cutils.c |
