From: Cole Robinson <crobinso@redhat.com>
Date: Tue, 1 Oct 2013 11:55:19 +0000 (-0400)
Subject: qemu: cgroup: Fix crash if starting nographics guest
X-Git-Tag: CVE-2013-4401~186
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a924d9d083c215df6044387057c501d9aa338b96;p=thirdparty%2Flibvirt.git

qemu: cgroup: Fix crash if starting nographics guest

We can dereference graphics[0] even if guest has no graphics device
configured. I screwed this up in a216e6487255d3b65d97c7ec1fa5da63dbced902

https://bugzilla.redhat.com/show_bug.cgi?id=1014088
---

diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c
index f95c7f2e67..ace7e3573a 100644
--- a/src/qemu/qemu_cgroup.c
+++ b/src/qemu/qemu_cgroup.c
@@ -490,9 +490,10 @@ qemuSetupDevicesCgroup(virQEMUDriverPtr driver,
 
     if (vm->def->nsounds &&
         ((!vm->def->ngraphics && cfg->nogfxAllowHostAudio) ||
-         ((vm->def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_VNC &&
+         (vm->def->graphics &&
+          ((vm->def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_VNC &&
            cfg->vncAllowHostAudio) ||
-           (vm->def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_SDL)))) {
+           (vm->def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_SDL))))) {
         rv = virCgroupAllowDeviceMajor(priv->cgroup, 'c', DEVICE_SND_MAJOR,
                                        VIR_CGROUP_DEVICE_RW);
         virDomainAuditCgroupMajor(vm, priv->cgroup, "allow", DEVICE_SND_MAJOR,