From: Guido Günther <agx@sigxcpu.org>
Date: Mon, 9 Jul 2012 10:11:17 +0000 (+0200)
Subject: openvz: Handle domain obj hash map errors
X-Git-Tag: CVE-2012-3445~188
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=31351c316fee0487dcbc5ef6b630d75be6b212e5;p=thirdparty%2Flibvirt.git

openvz: Handle domain obj hash map errors

This makes the driver fail with a clear error message in case of UUID
collisions (for example if somebody copied a container configuration
without updating the UUID) and also raises an error on other hash map
failures.

OpenVZ itself doesn't complain about duplicate UUIDs since this
parameter is only used by libvirt.
---

diff --git a/src/openvz/openvz_conf.c b/src/openvz/openvz_conf.c
index 7b662994df..8d7bc258cb 100644
--- a/src/openvz/openvz_conf.c
+++ b/src/openvz/openvz_conf.c
@@ -670,8 +670,18 @@ int openvzLoadDomains(struct openvz_driver *driver) {
         openvzReadMemConf(dom->def, veid);
 
         virUUIDFormat(dom->def->uuid, uuidstr);
-        if (virHashAddEntry(driver->domains.objs, uuidstr, dom) < 0)
+        if (virHashLookup(driver->domains.objs, uuidstr)) {
+            openvzError(VIR_ERR_INTERNAL_ERROR,
+                        _("Duplicate container UUID %s detected for %d"),
+                        uuidstr,
+                        veid);
+            goto cleanup;
+        }
+        if (virHashAddEntry(driver->domains.objs, uuidstr, dom) < 0) {
+            openvzError(VIR_ERR_INTERNAL_ERROR,
+                        _("Could not add UUID for container %d"), veid);
             goto cleanup;
+        }
 
         virDomainObjUnlock(dom);
         dom = NULL;