From 069f4e3190b35e631dba09edf5a51f59d20695d0 Mon Sep 17 00:00:00 2001
From: Jeremy Fitzhardinge
Date: Thu, 23 Aug 2012 10:12:09 -0700
Subject: [PATCH 1/2] Check error return of qb_ipcs_uc_recv_and_auth()
If it fails, then &ugp isn't initialized.
---
 lib/ipc_us.c | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/lib/ipc_us.c b/lib/ipc_us.c
index 707f97940..a29617029 100644
--- a/lib/ipc_us.c
+++ b/lib/ipc_us.c
@@ -905,6 +905,13 @@ qb_ipcs_us_connection_acceptor(int fd, int revent, void *data)
 res = qb_ipcs_uc_recv_and_auth(new_fd, &setup_msg, sizeof(setup_msg), &ugp);
+ if (res < 0) {
+ close(new_fd);
+ /* This is an error, but -1 would indicate disconnect
+ * from the poll loop
+ */
+ return 0;
+ }
 if (setup_msg.hdr.id == QB_IPC_MSG_AUTHENTICATE) {
 (void)handle_new_connection(s, res, new_fd, &setup_msg,
From 4a1e24ee3e814caa0afaf6d91b715eb28c999ad7 Mon Sep 17 00:00:00 2001
From: Jeremy Fitzhardinge
Date: Thu, 23 Aug 2012 10:14:11 -0700
Subject: [PATCH 2/2] Don't free rb->shared_hdr in qb_rb_create_from_file()
Since qb_rb_close() frees it by munmapping it.
---
 lib/ringbuffer.c | 1 -
 1 file changed, 1 deletion(-)
diff --git a/lib/ringbuffer.c b/lib/ringbuffer.c
index a191c282d..b70a2838c 100644
--- a/lib/ringbuffer.c
+++ b/lib/ringbuffer.c
@@ -766,7 +766,6 @@ qb_rb_create_from_file(int32_t fd, uint32_t flags)
 return rb;
 cleanup_fail:
- free(rb->shared_hdr);
 qb_rb_close(rb);
 return NULL;
 }
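Review bot: The new `if (res < 0)` branch in lib/ipc_us.c closes the socket and returns without recording anything, so a client that fails the setup receive or the credential check on this Unix socket leaves no trace for later investigation. A log line ahead of `close(new_fd);` that carries the error would fix that, for example `qb_util_log(LOG_ERR, "IPC setup/auth failed on fd %d: %d", new_fd, res);`, assuming that helper is in scope in this file (not visible in the hunk). The guard also relies on qb_ipcs_uc_recv_and_auth() returning a negative value for a short read; if it can return a non-negative count below `sizeof(setup_msg)`, the `setup_msg.hdr.id` test that follows still reads uninitialized bytes, so zero-initialising `setup_msg` and `ugp` at their declarations would be a cheap backstop. The acceptor's body begins and ends outside the hunk.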