From: Peter Krempa <pkrempa@redhat.com>
Date: Fri, 5 Mar 2021 09:38:49 +0000 (+0100)
Subject: virFirewallApply: Fix possible NULL dereference on error
X-Git-Tag: v7.2.0-rc1~208
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0a3d0c610a5f51632cc2c11dd91a838d7c8fff07;p=thirdparty%2Flibvirt.git

virFirewallApply: Fix possible NULL dereference on error

Commit bbc25f0d03d443efd35381463efc81b01cb6ae96 juggled around some
error reporting. Unfortunately virFirewallApply tries to report the
errno stored in the firewall object and we'd try to do that when the
firewall object is NULL too. Report EINVAL if 'firewall' is NULL.

Found by Coverity.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
---

diff --git a/src/util/virfirewall.c b/src/util/virfirewall.c
index c1b7d2268b..0dc0cecd53 100644
--- a/src/util/virfirewall.c
+++ b/src/util/virfirewall.c
@@ -766,8 +766,12 @@ virFirewallApply(virFirewallPtr firewall)
         goto cleanup;
     }
     if (!firewall || firewall->err) {
-        virReportSystemError(firewall->err, "%s",
-                             _("Unable to create rule"));
+        int err = EINVAL;
+
+        if (firewall)
+            err = firewall->err;
+
+        virReportSystemError(err, "%s", _("Unable to create rule"));
         goto cleanup;
     }