Tree - rpms/libvirt - CentOS Git server

rpms / libvirt

Files

Commit: c401cca097da3600a54d749790cd7cffae565ac6
Blob Blame History Raw
From 31d35776ac5aa93f97d1f3516630137664f48881 Mon Sep 17 00:00:00 2001
Message-Id: <31d35776ac5aa93f97d1f3516630137664f48881@dist-git>
From: Peter Krempa <pkrempa@redhat.com>
Date: Wed, 26 Feb 2014 14:54:48 +0100
Subject: [PATCH] snapshot: conf: Fix NULL dereference when <driver> element is
 empty

https://bugzilla.redhat.com/show_bug.cgi?id=1032370

Consider the following valid snapshot XML as the <driver> element is
allowed to be empty in the domainsnapshot.rng schema:

$ cat snap.xml
<domainsnapshot>
  <disks>
    <disk name='vda' snapshot='external'>
      <source file='/tmp/foo'/>
      <driver/>
    </disk>
  </disks>
</domainsnapshot>

produces the following error:

$ virsh snapshot-create domain snap.xml
error: internal error: unknown disk snapshot driver '(null)'

The driver type is parsed as NULL from the XML as the attribute is not
present and then directly used to produce the error message.

With this patch the attempt to parse the driver type is skipped if not
present to avoid changing the schema to forbid the empty driver element.

(cherry picked from commit 5a66c667ff5cae61c2ad2e646c8eb3eedc67f925)

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
 src/conf/snapshot_conf.c | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/src/conf/snapshot_conf.c b/src/conf/snapshot_conf.c
index 29e12b7..a1fd723 100644
--- a/src/conf/snapshot_conf.c
+++ b/src/conf/snapshot_conf.c
@@ -154,15 +154,17 @@ virDomainSnapshotDiskDefParseXML(xmlNodePtr node,
         } else if (!def->format &&
                    xmlStrEqual(cur->name, BAD_CAST "driver")) {
             char *driver = virXMLPropString(cur, "type");
-            def->format = virStorageFileFormatTypeFromString(driver);
-            if (def->format <= 0) {
-                virReportError(VIR_ERR_INTERNAL_ERROR,
-                               _("unknown disk snapshot driver '%s'"),
-                               driver);
+            if (driver) {
+                def->format = virStorageFileFormatTypeFromString(driver);
+                if (def->format <= 0) {
+                    virReportError(VIR_ERR_INTERNAL_ERROR,
+                                   _("unknown disk snapshot driver '%s'"),
+                                   driver);
+                    VIR_FREE(driver);
+                    goto cleanup;
+                }
                 VIR_FREE(driver);
-                goto cleanup;
             }
-            VIR_FREE(driver);
         }
     }
 
-- 
1.9.0
rpms / libvirt

Source Code

Files
