From 76e005d1a5efa62865ad2ac1730c36fba53c002e Mon Sep 17 00:00:00 2001 From: Peter Krempa Date: Mon, 23 Jan 2023 16:48:19 +0100 Subject: [PATCH] virNetLibsshSessionAuthAddPasswordAuth: Don't access unlocked 'sess' MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit 'sess->authPath' is modified before locking the 'sess' object. Additionally on failure of 'virAuthGetConfigFilePathURI' 'sess' would be unlocked even when it was not yet locked. Fixes: 6917467c2b0e8f655999f3e568708c4651811689 Signed-off-by: Peter Krempa Reviewed-by: Ján Tomko --- src/rpc/virnetlibsshsession.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c index 8de7c86a41..d2e9e20ff2 100644 --- a/src/rpc/virnetlibsshsession.c +++ b/src/rpc/virnetlibsshsession.c @@ -846,16 +846,17 @@ virNetLibsshSessionAuthAddPasswordAuth(virNetLibsshSession *sess, int ret; virNetLibsshAuthMethod *auth; + virObjectLock(sess); + if (uri) { VIR_FREE(sess->authPath); if (virAuthGetConfigFilePathURI(uri, &sess->authPath) < 0) { - ret = -1; - goto cleanup; + virObjectUnlock(sess); + return -1; } } - virObjectLock(sess); if (!(auth = virNetLibsshSessionAuthMethodNew(sess))) { ret = -1; -- 2.47.2