gentoo-overlay/app-emulation/libvirt/files/libvirt-1.0.6-CVE-2013-2218.patch

From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Fri, 28 Jun 2013 10:48:37 +0100
Subject: [PATCH] CVE-2013-2218: Fix crash listing network interfaces with
 filters

The virConnectListAllInterfaces method has a double-free of the
'struct netcf_if' object when any of the filtering flags cause
an interface to be skipped over. For example when running the
command 'virsh iface-list --inactive'

This is a regression introduced in release 1.0.6 by

  commit 7ac2c4fe624f30f2c8270116513fa2ddab07631f
  Author: Guannan Ren <gren@redhat.com>
  Date:   Tue May 21 21:29:38 2013 +0800

    interface: list all interfaces with flags == 0

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
 src/interface/interface_backend_netcf.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/interface/interface_backend_netcf.c b/src/interface/interface_backend_netcf.c
index a995816..9aa673d 100644
--- a/src/interface/interface_backend_netcf.c
+++ b/src/interface/interface_backend_netcf.c
@@ -412,6 +412,7 @@ netcfConnectListAllInterfaces(virConnectPtr conn,
               (MATCH(VIR_CONNECT_LIST_INTERFACES_INACTIVE) &&
                (status & NETCF_IFACE_INACTIVE)))) {
             ncf_if_free(iface);
+            iface = NULL;
             continue;
         }
 
-- 
1.8.2.1