git.ipfire.org Git - thirdparty/libvirt.git/commit

author	Ján Tomko <jtomko@redhat.com>
	Mon, 3 Dec 2012 12:35:05 +0000 (13:35 +0100)
committer	Cole Robinson <crobinso@redhat.com>
	Sun, 9 Dec 2012 21:53:41 +0000 (16:53 -0500)
commit	8b60ff7f103cab6c31db96386ee62e80aa5e0e45
tree	1c9c1713e5918a19dc47a58860daf110f915cbba	tree
parent	68fb799b46b2193a203cbb69f11f5f2ecba480e1	commit \| diff

conf: prevent crash with no uuid in cephx auth secret

Fix the null pointer access when UUID is not specified.
Introduce a bool 'uuidUsable' to virStoragePoolAuthCephx that indicates
if uuid was specified or not and use it instead of the pointless
comparison of the static UUID array to NULL.
Add an error message if both uuid and usage are specified.

Fixes:
Error: FORWARD_NULL (CWE-476):
libvirt-0.10.2/src/conf/storage_conf.c:461: var_deref_model: Passing
    null pointer "uuid" to function "virUUIDParse(char const *, unsigned
    char *)", which dereferences it. (The dereference is assumed on the
    basis of the 'nonnull' parameter attribute.)
Error: NO_EFFECT (CWE-398):
    libvirt-0.10.2/src/conf/storage_conf.c:979: array_null: Comparing an
    array to null is not useful: "src->auth.cephx.secret.uuid != NULL".
(cherry picked from commit bc680e1381be7eeb5ae7d898ebab598df819b672)

src/conf/storage_conf.c		diff \| blob \| blame \| history
src/conf/storage_conf.h		diff \| blob \| blame \| history
src/storage/storage_backend_rbd.c		diff \| blob \| blame \| history