File libvirt-network-Set-to-NULL-after-virNetworkDefFree.patch of Package libvirt

From 1e49c97611d438b879f871132b7e75f77673b786 Mon Sep 17 00:00:00 2001
Message-Id: <1e49c97611d438b879f871132b7e75f77673b786.1350990677.git.jdenemar@redhat.com>
From: Michal Privoznik <mprivozn@redhat.com>
Date: Thu, 18 Oct 2012 17:05:19 +0200
Subject: [PATCH] network: Set to NULL after virNetworkDefFree()

https://bugzilla.redhat.com/show_bug.cgi?id=866364

which frees all allocated memory but doesn't set the passed pointer to
NULL.  Therefore, we must do it ourselves. This is causing actual
libvirtd crash: Basically, when doing 'virsh net-edit' the newDef should
be dropped.  And the memory is freed, indeed. However, the pointer is
not set to NULL but kept instead. And the next duo of calls 'virsh
net-start' and 'virsh net-destroy' starts the disaster. The latter one
does the same as 'virsh destroy'; it sees that newDef is nonNULL so it
replaces def with newDef (which has been freed already as said a few
lines above). Therefore any subsequent call accessing def will hit the ground.
(cherry picked from commit b7e9202401ebaa039b8f05acdefda8c24081537a)
---
 src/conf/network_conf.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/conf/network_conf.c b/src/conf/network_conf.c
index 891d48c..0f7470d 100644
--- a/src/conf/network_conf.c
+++ b/src/conf/network_conf.c
@@ -260,8 +260,9 @@ virNetworkObjAssignDef(virNetworkObjPtr network,
             return -1;
         }
     } else if (!live) {
-        virNetworkDefFree(network->newDef); /* should be unnecessary */
+        virNetworkDefFree(network->newDef);
         virNetworkDefFree(network->def);
+        network->newDef = NULL;
         network->def = def;
     } else {
         virReportError(VIR_ERR_OPERATION_INVALID,
-- 
1.7.12.4