The changes in commit c7542573 introduced possible segfault. Looking
deeper into the code and the original code before the patch series were
applied I think that we should report error for each function failure
and also we shouldn't call some of the function twice.
Found by coverity.
Signed-off-by: Pavel Hrdina <phrdina@xxxxxxxxxx>
---
src/access/viraccessdriverpolkit.c | 20 +++++++++-----------
1 file changed, 9 insertions(+), 11 deletions(-)
diff --git a/src/access/viraccessdriverpolkit.c b/src/access/viraccessdriverpolkit.c
index 2bc1842..3136be7 100644
--- a/src/access/viraccessdriverpolkit.c
+++ b/src/access/viraccessdriverpolkit.c
@@ -87,24 +87,22 @@ virAccessDriverPolkitGetCaller(const char *actionid,
actionid);
return -1;
}
- if (virIdentityGetUNIXProcessID(identity, pid) < 0)
- goto cleanup;
- if (virIdentityGetUNIXProcessTime(identity, startTime) < 0)
- goto cleanup;
- if (virIdentityGetUNIXUserID(identity, uid) < 0)
- goto cleanup;
- if (!pid) {
+ if (virIdentityGetUNIXProcessID(identity, pid) < 0) {
virAccessError(VIR_ERR_INTERNAL_ERROR, "%s",
_("No UNIX process ID available"));
goto cleanup;
}
-
- if (virIdentityGetUNIXProcessTime(identity, startTime) < 0)
+ if (virIdentityGetUNIXProcessTime(identity, startTime) < 0) {
+ virAccessError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("No UNIX process start time available"));
goto cleanup;
-
- if (virIdentityGetUNIXUserID(identity, uid) < 0)
+ }
+ if (virIdentityGetUNIXUserID(identity, uid) < 0) {
+ virAccessError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("No UNIX caller UID available"));
goto cleanup;
+ }
ret = 0;
--
1.8.5.5
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list