From: chaojianhu
In function qcow2_do_open, if "go fail;" before calling qcow2_read_snapshots,
then snapshots
will always be NULL. When dealing with "fail:", qcow2_free_snapshots will be
called, and
s->snapshots will be dereferenced without checked.
Reported-by: chaojianhu
Signed-off-by: ch
From: chaojianhu
In envlist_setenv, if any malloc fails, there will be inconsistency on el_count.
And in envlist_unsetenv, if env is "", the strncmp will be passed, eventually
wrong envlist_entry (shoud be the first one) will be removed.
Finally, in envlist_parse, to delimit environments with
From: chaojianhu
In envlist_setenv, if any malloc fails, there will be inconsistency on el_count.
And in envlist_unsetenv, if env is "", the strncmp will be passed, eventually
wrong envlist_entry (shoud be the first one) will be removed.
Finally, in envlist_parse, to delimit environments with
