From: Alex Jia <ajia@redhat.com>
Date: Wed, 30 Nov 2011 07:50:44 +0000 (+0800)
Subject: util: avoid null deref on qcowXGetBackingStore
X-Git-Tag: v0.9.8-rc1~37
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a001a5e28b920a6a89f1e4c47ef311a988f7f341;p=thirdparty%2Flibvirt.git

util: avoid null deref on qcowXGetBackingStore

Detected by Coverity. the only case is caller passes a NULL to 'format' variable,
then taking 'if (format)' false branch, the function qcow2GetBackingStoreFormat
will directly dereferences the NULL 'format' pointer variable.

Signed-off-by: Alex Jia <ajia@redhat.com>
---

diff --git a/src/util/storage_file.c b/src/util/storage_file.c
index f33ea74a92..ba9cfc51c9 100644
--- a/src/util/storage_file.c
+++ b/src/util/storage_file.c
@@ -333,7 +333,7 @@ qcowXGetBackingStore(char **res,
      * between the end of the header (QCOW2_HDR_TOTAL_SIZE)
      * and the start of the backingStoreName (offset)
      */
-    if (isQCow2)
+    if (isQCow2 && format)
         qcow2GetBackingStoreFormat(format, buf, buf_size, QCOW2_HDR_TOTAL_SIZE, offset);
 
     return BACKING_STORE_OK;