block/amend: Keep strong reference to BDS

Otherwise, the BDS might be freed while the job is running, which would
cause a use-after-free.

Signed-off-by: Hanna Reitz <hreitz@redhat.com>
Message-Id: <20220304153729.711387-5-hreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This commit is contained in:
Hanna Reitz 2022-03-04 16:37:28 +01:00 committed by Kevin Wolf
parent b8ba60067b
commit 78fa41fc67

View File

@ -69,6 +69,8 @@ static void blockdev_amend_free(Job *job)
if (s->bs->drv->bdrv_amend_clean) { if (s->bs->drv->bdrv_amend_clean) {
s->bs->drv->bdrv_amend_clean(s->bs); s->bs->drv->bdrv_amend_clean(s->bs);
} }
bdrv_unref(s->bs);
} }
static const JobDriver blockdev_amend_job_driver = { static const JobDriver blockdev_amend_job_driver = {
@ -129,6 +131,7 @@ void qmp_x_blockdev_amend(const char *job_id,
return; return;
} }
bdrv_ref(bs);
s->bs = bs, s->bs = bs,
s->opts = QAPI_CLONE(BlockdevAmendOptions, options), s->opts = QAPI_CLONE(BlockdevAmendOptions, options),
s->force = has_force ? force : false; s->force = has_force ? force : false;