From: Pavel Hrdina <phrdina@redhat.com>
Date: Wed, 25 Jan 2017 16:42:07 +0000 (+0100)
Subject: domain_conf: vnc: preserve autoport value if no port was specified
X-Git-Tag: CVE-2017-2635~227
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f19390d2d3ab18cc9bff53e1d642e4e2b534f5a5;p=thirdparty%2Flibvirt.git

domain_conf: vnc: preserve autoport value if no port was specified

The issue is that if this graphics definition is provided:

  <graphics type='vnc' port='0'/>

it's parsed as:

  <graphics type='vnc' autoport='no'>
    <listen type='address'/>
  </graphics>

but if the resulting XML is parsed again the output is:

  <graphics type='vnc' port='-1' autoport='yes'>
    <listen type='address'/>
  </graphics>

and this should not happen.  The XML have to always remain the same
after it was already parsed by libvirt.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1383039

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
---

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index a2b72cb9c5..877a0bf5c1 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -11722,6 +11722,8 @@ virDomainGraphicsDefParseXMLVNC(virDomainGraphicsDefPtr def,
             if (flags & VIR_DOMAIN_DEF_PARSE_INACTIVE)
                 def->data.vnc.port = 0;
             def->data.vnc.autoport = true;
+        } else {
+            def->data.vnc.autoport = false;
         }
     }
 
diff --git a/tests/genericxml2xmlindata/generic-graphics-vnc-autoport-no.xml b/tests/genericxml2xmlindata/generic-graphics-vnc-autoport-no.xml
new file mode 100644
index 0000000000..748e7f489d
--- /dev/null
+++ b/tests/genericxml2xmlindata/generic-graphics-vnc-autoport-no.xml
@@ -0,0 +1,30 @@
+<domain type='qemu'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit='KiB'>219100</memory>
+  <currentMemory unit='KiB'>219100</currentMemory>
+  <vcpu placement='static'>1</vcpu>
+  <os>
+    <type arch='i686' machine='pc'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu</emulator>
+    <controller type='usb' index='0'/>
+    <controller type='ide' index='0'/>
+    <controller type='pci' index='0' model='pci-root'/>
+    <input type='mouse' bus='ps2'/>
+    <input type='keyboard' bus='ps2'/>
+    <graphics type='vnc' autoport='no'>
+      <listen type='address'/>
+    </graphics>
+    <video>
+      <model type='cirrus' vram='16384' heads='1' primary='yes'/>
+    </video>
+    <memballoon model='none'/>
+  </devices>
+</domain>
diff --git a/tests/genericxml2xmltest.c b/tests/genericxml2xmltest.c
index 2ea2396480..488190270f 100644
--- a/tests/genericxml2xmltest.c
+++ b/tests/genericxml2xmltest.c
@@ -91,6 +91,7 @@ mymain(void)
     DO_TEST_DIFFERENT("graphics-vnc-socket-attr-listen-socket");
     DO_TEST_FULL("graphics-vnc-socket-attr-listen-socket-mismatch", 0, false,
         TEST_COMPARE_DOM_XML2XML_RESULT_FAIL_PARSE);
+    DO_TEST("graphics-vnc-autoport-no");
 
     DO_TEST_FULL("name-slash-fail", 0, false,
         TEST_COMPARE_DOM_XML2XML_RESULT_FAIL_PARSE);