diff options
author | Hanna Reitz <hreitz@redhat.com> | 2022-03-04 16:37:28 +0100 |
---|---|---|
committer | Kevin Wolf <kwolf@redhat.com> | 2022-03-04 18:18:26 +0100 |
commit | 78fa41fc671eae51fd3390a12a041d1c4a241c66 (patch) | |
tree | 9a3ea923dffd6d3f15e0cbb080d6d5b6cb3ac82c /block/amend.c | |
parent | b8ba60067bf9df0f2e799b34eb00809f5d1e5989 (diff) | |
download | qemu-78fa41fc671eae51fd3390a12a041d1c4a241c66.zip qemu-78fa41fc671eae51fd3390a12a041d1c4a241c66.tar.gz qemu-78fa41fc671eae51fd3390a12a041d1c4a241c66.tar.bz2 |
block/amend: Keep strong reference to BDS
Otherwise, the BDS might be freed while the job is running, which would
cause a use-after-free.
Signed-off-by: Hanna Reitz <hreitz@redhat.com>
Message-Id: <20220304153729.711387-5-hreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Diffstat (limited to 'block/amend.c')
-rw-r--r-- | block/amend.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/block/amend.c b/block/amend.c index 553890d..f696a00 100644 --- a/block/amend.c +++ b/block/amend.c @@ -69,6 +69,8 @@ static void blockdev_amend_free(Job *job) if (s->bs->drv->bdrv_amend_clean) { s->bs->drv->bdrv_amend_clean(s->bs); } + + bdrv_unref(s->bs); } static const JobDriver blockdev_amend_job_driver = { @@ -129,6 +131,7 @@ void qmp_x_blockdev_amend(const char *job_id, return; } + bdrv_ref(bs); s->bs = bs, s->opts = QAPI_CLONE(BlockdevAmendOptions, options), s->force = has_force ? force : false; |