From: Peter Krempa <pkrempa@redhat.com>
Date: Mon, 23 Jan 2023 15:48:19 +0000 (+0100)
Subject: virNetLibsshSessionAuthAddPasswordAuth: Don't access unlocked 'sess'
X-Git-Tag: v9.1.0-rc1~174
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=76e005d1a5efa62865ad2ac1730c36fba53c002e;p=thirdparty%2Flibvirt.git

virNetLibsshSessionAuthAddPasswordAuth: Don't access unlocked 'sess'

'sess->authPath' is modified before locking the 'sess' object.
Additionally on failure of 'virAuthGetConfigFilePathURI' 'sess' would be
unlocked even when it was not yet locked.

Fixes: 6917467c2b0e8f655999f3e568708c4651811689
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
---

diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c
index 8de7c86a41..d2e9e20ff2 100644
--- a/src/rpc/virnetlibsshsession.c
+++ b/src/rpc/virnetlibsshsession.c
@@ -846,16 +846,17 @@ virNetLibsshSessionAuthAddPasswordAuth(virNetLibsshSession *sess,
     int ret;
     virNetLibsshAuthMethod *auth;
 
+    virObjectLock(sess);
+
     if (uri) {
         VIR_FREE(sess->authPath);
 
         if (virAuthGetConfigFilePathURI(uri, &sess->authPath) < 0) {
-            ret = -1;
-            goto cleanup;
+            virObjectUnlock(sess);
+            return -1;
         }
     }
 
-    virObjectLock(sess);
 
     if (!(auth = virNetLibsshSessionAuthMethodNew(sess))) {
         ret = -1;