From: Laine Stump <laine@laine.org>
Date: Mon, 15 Sep 2014 17:30:08 +0000 (-0400)
Subject: network: detect conflicting route even if it is the final entry
X-Git-Tag: CVE-2014-3633~38
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=22048ae61dbb7876d17bcf7dbedf9e8d1cf98d4e;p=thirdparty%2Flibvirt.git

network: detect conflicting route even if it is the final entry

This is a folloup to commit 5f719596, which checks for a route
conflicting with the standard libvirt default network subnet
(192.168.122.0/24). It turns out that $() strips the trailing newline
from the output of "ip route show", so there would be no match if the
route we were looking for was the final line of output. This can be
solved by adding ${nl} to the end of the output (just as we were
already adding it at the beginning of the output).
---

diff --git a/libvirt.spec.in b/libvirt.spec.in
index c2e2be4a83..bec3a50920 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -1737,7 +1737,7 @@ if test $1 -eq 1 && test ! -f %{_sysconfdir}/libvirt/qemu/networks/default.xml ;
     sub=${orig_sub}
     nl='
 '
-    routes="${nl}$(ip route show | cut -d' ' -f1)"
+    routes="${nl}$(ip route show | cut -d' ' -f1)${nl}"
     case ${routes} in
       *"${nl}192.168.${orig_sub}.0/24${nl}"*)
         # there was a match, so we need to look for an unused subnet