From: Jiri Denemark
Date: Fri, 20 Dec 2013 14:41:04 +0000 (+0100)
Subject: qemu: Fix job usage in virDomainGetBlockIoTune
X-Git-Tag: v1.0.5.9~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dee5fc756648e62062da3366583fc343413e1ba7;p=thirdparty%2Flibvirt.git

qemu: Fix job usage in virDomainGetBlockIoTune

CVE-2013-6458

Every API that is going to begin a job should do that before fetching data from vm->def.

(cherry picked from commit 3b56425938e2f97208d5918263efa0d6439e4ecd)
---
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index c346118618..4de4e953d0 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -13795,12 +13795,6 @@ qemuDomainGetBlockIoTune(virDomainPtr dom,
 goto cleanup;
 }

- device = qemuDiskPathToAlias(vm, disk, NULL);
-
- if (!device) {
- goto cleanup;
- }
-
 if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0)
 goto cleanup;

@@ -13808,6 +13802,11 @@ qemuDomainGetBlockIoTune(virDomainPtr dom,
 &persistentDef) < 0)
 goto endjob;

+ device = qemuDiskPathToAlias(vm, disk, NULL);
+ if (!device) {
+ goto endjob;
+ }
+
 if (flags & VIR_DOMAIN_AFFECT_LIVE) {
 priv = vm->privateData;
 qemuDomainObjEnterMonitor(driver, vm);
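Review bot: The ordering rule this fix depends on is not recorded in the code. In the second hunk, nothing next to the re-added `device = qemuDiskPathToAlias(vm, disk, NULL);` says it must stay after `qemuDomainObjBeginJob`, so a later refactor could hoist it back and reintroduce CVE-2013-6458. I would add a comment directly above it, for example `/* Read vm->def only after the job has begun; see CVE-2013-6458. */`. The lookup also still runs before the `flags & VIR_DOMAIN_AFFECT_LIVE` test, and the alias is presumably only needed on the live path; moving it inside that branch would narrow the vm->def access further, but the rest of the function is outside the hunk, so that needs confirming. The body of qemuDomainGetBlockIoTune starts and ends outside both hunks.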