[libvirt] [PATCH] Avoid crash in security driver if model is NULL
Eric Blake
eblake at redhat.com
Tue Jan 18 18:19:17 UTC 2011
On 01/18/2011 11:04 AM, Daniel P. Berrange wrote:
> If the XML security model is NULL, it is assumed that the current
> model will be used with dynamic labelling. The verify step is
> meaningless and potentially crashes if dereferencing NULL
>
> * src/security/security_manager.c: Skip NULL model on verify
> ---
> src/security/security_manager.c | 7 +++++++
> 1 files changed, 7 insertions(+), 0 deletions(-)
>
> diff --git a/src/security/security_manager.c b/src/security/security_manager.c
> index 66cffb5..1bc0ebb 100644
> --- a/src/security/security_manager.c
> +++ b/src/security/security_manager.c
> @@ -309,6 +309,13 @@ int virSecurityManagerSetProcessLabel(virSecurityManagerPtr mgr,
> int virSecurityManagerVerify(virSecurityManagerPtr mgr,
> virDomainDefPtr def)
> {
> + /* NULL model == dynamic labelling, with whatever drive
s/drive/driver/
/me repeats to myself: I promise to overlook US vs. UK spelling
differences such as labeling, when the difference only occurs in a
comment and not in the API or a translated string
> + * is active, so we can short circuit verify check to
> + * avoid drivers dereferencing NULLs by accident
> + */
ACK.
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 619 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20110118/94270f30/attachment-0001.sig>
More information about the libvir-list
mailing list