From: Jiri Denemark <jdenemar@redhat.com>
Date: Wed, 18 Sep 2013 08:37:48 +0000 (+0200)
Subject: qemu: Avoid dangling job in qemuDomainSetBlockIoTune
X-Git-Tag: CVE-2013-4311~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=13e9bad55ad3d4705585bd483765805973d9f2f1;p=thirdparty%2Flibvirt.git

qemu: Avoid dangling job in qemuDomainSetBlockIoTune

virDomainSetBlockIoTuneEnsureACL was incorrectly called after we already
started a job. As a result of this, the job was not cleaned up when an
access driver had forbidden the action.
---

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 0763f9b6d5..8a302d1ddc 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -14673,15 +14673,15 @@ qemuDomainSetBlockIoTune(virDomainPtr dom,
     if (!(vm = qemuDomObjFromDomain(dom)))
         return -1;
 
+    if (virDomainSetBlockIoTuneEnsureACL(dom->conn, vm->def, flags) < 0)
+        goto cleanup;
+
     if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0)
         goto cleanup;
 
     priv = vm->privateData;
     cfg = virQEMUDriverGetConfig(driver);
 
-    if (virDomainSetBlockIoTuneEnsureACL(dom->conn, vm->def, flags) < 0)
-        goto cleanup;
-
     if (!(caps = virQEMUDriverGetCapabilities(driver, false)))
         goto endjob;