vmdk: fix double free

fail_gd error case would also free rgd_buf that was already freed Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> (cherry picked from commit a161329b61106ab093aab6d3227ac85e0b8251a9) Conflicts: block/vmdk.c Signed-off-by: Kevin Wolf <kwolf@redhat.com>
author: Kevin Wolf <kwolf@redhat.com> 2010-07-14 10:30:31 +0200
committer: Doug Goldstein <cardoe@gentoo.org> 2010-07-20 17:38:35 -0500
commit: 8528c9cc54e32268bdf0f2c47ca5fb1388662618 (patch)
tree: f9e964f4cacb030b24d30acd139d00c78cb7798b
parent: target-i386: fix xchg rax,r8 (diff)
download: qemu-kvm-8528c9cc54e32268bdf0f2c47ca5fb1388662618.tar.gz
qemu-kvm-8528c9cc54e32268bdf0f2c47ca5fb1388662618.tar.bz2
qemu-kvm-8528c9cc54e32268bdf0f2c47ca5fb1388662618.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/block/vmdk.c b/block/vmdk.c
index 4e486225b..765e95a28 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -285,7 +285,6 @@ static int vmdk_snapshot_create(const char *filename, const char *backing_file)
         goto fail_rgd;
     if (write(snp_fd, rgd_buf, gd_size) == -1)
         goto fail_rgd;
-    qemu_free(rgd_buf);
 
     /* write GD */
     gd_buf = qemu_malloc(gd_size);
@@ -298,6 +297,7 @@ static int vmdk_snapshot_create(const char *filename, const char *backing_file)
     if (write(snp_fd, gd_buf, gd_size) == -1)
         goto fail_gd;
     qemu_free(gd_buf);
+    qemu_free(rgd_buf);
 
     close(p_fd);
     close(snp_fd);
author	Kevin Wolf <kwolf@redhat.com>	2010-07-14 10:30:31 +0200
committer	Doug Goldstein <cardoe@gentoo.org>	2010-07-20 17:38:35 -0500
commit	8528c9cc54e32268bdf0f2c47ca5fb1388662618 (patch)
tree	f9e964f4cacb030b24d30acd139d00c78cb7798b
parent	target-i386: fix xchg rax,r8 (diff)
download	qemu-kvm-8528c9cc54e32268bdf0f2c47ca5fb1388662618.tar.gz qemu-kvm-8528c9cc54e32268bdf0f2c47ca5fb1388662618.tar.bz2 qemu-kvm-8528c9cc54e32268bdf0f2c47ca5fb1388662618.zip