From: John Ferlan <jferlan@redhat.com>
Date: Wed, 7 Dec 2016 13:10:30 +0000 (-0500)
Subject: nss: Need to check error condition on virJSONValueArraySize
X-Git-Tag: v3.0.0-rc1~361
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=03876cf506dff07d56cb0b4baec316e9f7c052e0;p=thirdparty%2Flibvirt.git

nss: Need to check error condition on virJSONValueArraySize

If the 'nleases < 0' on return, then the subsequent call to
findLeaseInJSON will not produce the expected results (passed
in as a size_t, but nleases is a ssize_t).  So check if the
returned value < 0 and if so, goto cleanup.

Found by Coverity as a NEGATIVE_RETURNS event
---

diff --git a/tools/nss/libvirt_nss.c b/tools/nss/libvirt_nss.c
index 418c11fafe..b69e62c8b1 100644
--- a/tools/nss/libvirt_nss.c
+++ b/tools/nss/libvirt_nss.c
@@ -309,7 +309,8 @@ findLease(const char *name,
     }
     VIR_DIR_CLOSE(dir);
 
-    nleases = virJSONValueArraySize(leases_array);
+    if ((nleases = virJSONValueArraySize(leases_array)) < 0)
+        goto cleanup;
     DEBUG("Read %zd leases", nleases);
 
 #if !defined(LIBVIRT_NSS_GUEST)