Blob Blame History Raw
From afbd35a816254adcd4a5660a2e9089ee986f9457 Mon Sep 17 00:00:00 2001
Message-Id: <afbd35a816254adcd4a5660a2e9089ee986f9457.1379193140.git.jdenemar@redhat.com>
From: Michal Privoznik <mprivozn@redhat.com>
Date: Thu, 12 Sep 2013 11:37:33 -0600
Subject: [PATCH] virFileNBDDeviceAssociate: Avoid use of uninitialized
 variable

CVE-2013-4297: https://bugzilla.redhat.com/show_bug.cgi?id=1006513

The @qemunbd variable can be used uninitialized.

(cherry picked from commit 2dba0323ff0cec31bdcea9dd3b2428af297401f2)
---
 src/util/virfile.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/util/virfile.c b/src/util/virfile.c
index 2b07ac9..7af0843 100644
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@@ -732,7 +732,7 @@ int virFileNBDDeviceAssociate(const char *file,
                               char **dev)
 {
     char *nbddev;
-    char *qemunbd;
+    char *qemunbd = NULL;
     virCommandPtr cmd = NULL;
     int ret = -1;
     const char *fmtstr = NULL;
-- 
1.8.3.2