Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chardev: close QIOChannel before unref'ing
The chardev socket backend will unref the QIOChannel object while it is still potentially open. When using TLS there could be a pending TLS handshake taking place. If the channel is left open then when the TLS handshake callback runs, it can end up accessing free'd memory in the tcp_chr_tls_handshake method. Closing the QIOChannel will unregister any pending handshake source. Reported-by: jiangyegen <jiangyegen@huawei.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
- Loading branch information