]> git.ipfire.org Git - thirdparty/libvirt.git/commitdiff
projects / thirdparty / libvirt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5e0b2ae)
virnwfilterbindingobj: Fix virNWFilterBindingObjNew()
authorMichal Privoznik <mprivozn@redhat.com>
Tue, 1 Feb 2022 09:21:02 +0000 (10:21 +0100)
committerMichal Privoznik <mprivozn@redhat.com>
Tue, 1 Feb 2022 10:55:13 +0000 (11:55 +0100)
The idea behind virNWFilterBindingObjNew() is to create and
return an object of virNWFilterBindingObjClass class. The class
is virObjectLockable (and the corresponding
_virNWFilterBindingObj structure has virObjectLockable parent).
But for some reason plain virObjectNew() is called. This is wrong
because the mutex in the parent is left uninitialized.

Next, the returned object is not locked. This is wrong because in
some cases the returned object is added onto a list of bindings
and then passed to virNWFilterBindingObjEndAPI() which unlocks it
right away. This is potentially dangerous because we might just
have unlocked the object for another thread.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
src/conf/virnwfilterbindingobj.c patch | blob | blame | history

diff --git a/src/conf/virnwfilterbindingobj.c b/src/conf/virnwfilterbindingobj.c
index acea240b5d128437b37b33e2bcdb831d681c8120..d387af68c06f6a1281c55d91c9c481ddebeb9b0e 100644 (file)
--- a/src/conf/virnwfilterbindingobj.c
+++ b/src/conf/virnwfilterbindingobj.c
@@ -57,10 +57,15 @@ VIR_ONCE_GLOBAL_INIT(virNWFilterBindingObj);
 virNWFilterBindingObj *
 virNWFilterBindingObjNew(void)
 {
+    virNWFilterBindingObj *ret;
     if (virNWFilterBindingObjInitialize() < 0)
         return NULL;
 
-    return virObjectNew(virNWFilterBindingObjClass);
+    if (!(ret = virObjectLockableNew(virNWFilterBindingObjClass)))
+        return NULL;
+
+    virObjectLock(ret);
+    return ret;
 }
 
 
Mirror of https://github.com/libvirt/libvirt.git