ShuriZma
/
xemu
mirror of https://github.com/xemu-project/xemu.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

usb-redir: fix use-after-free 

Reinitialize dev->cs to NULL after deleting it, to make sure it isn't
used afterwards.

Reported-by: Martin Cerveny <M.Cerveny@computer.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This commit is contained in:
Gerd Hoffmann 2013-07-31 11:17:58 +02:00
parent 75cc1c1fcb
commit a14ff8a650
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
hw/usb/redirect.c
View File

@ -1334,6 +1334,7 @@ static void usbredir_handle_destroy(USBDevice *udev)
USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev);
qemu_chr_delete(dev->cs);
dev->cs = NULL;
/* Note must be done after qemu_chr_close, as that causes a close event */
qemu_bh_delete(dev->chardev_close_bh);