[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH 4/7] qemu: Fix segfault if defining a domain without <seclabel>



On Wed, Jan 12, 2011 at 12:23:00PM -0500, Cole Robinson wrote:
> If the selinux driver is the default, it will lead to a null dereference.
> This change should still yeild the intended result, since a null model
> basically implies 'use the default'.
> 
> Signed-off-by: Cole Robinson <crobinso redhat com>
> ---
>  src/security/security_driver.c |    3 ++-
>  1 files changed, 2 insertions(+), 1 deletions(-)
> 
> diff --git a/src/security/security_driver.c b/src/security/security_driver.c
> index 5711aee..7d2e0de 100644
> --- a/src/security/security_driver.c
> +++ b/src/security/security_driver.c
> @@ -82,7 +82,8 @@ virSecurityIsSpecifiedDriver(virSecurityManagerPtr mgr,
>  {
>      bool ret = true;
>  
> -    if (!STREQ(virSecurityManagerGetModel(mgr), def->seclabel.model)) {
> +    if (def->seclabel.model &&
> +        !STREQ(virSecurityManagerGetModel(mgr), def->seclabel.model)) {
>          virSecurityReportError(VIR_ERR_INTERNAL_ERROR,
>                                 _("security label driver mismatch: "
>                                   "'%s' model configured for domain, but "

ACK it doesn't hurt, but it should have also been checked at the
higher level in the Verify function

Daniel


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]