The problem is in gvir_sandbox_config_add_mount_opts. When parsing disk string, "format=" may be within it. This is supposed to change disk format from raw to the desired one. However, due to bug in our implementation, we may end up dereferencing a NULL pointer.
Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
---
 libvirt-sandbox/libvirt-sandbox-config.c | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c
index 780d174..5a4aacb 100644
--- a/libvirt-sandbox/libvirt-sandbox-config.c
+++ b/libvirt-sandbox/libvirt-sandbox-config.c
@@ -1611,15 +1611,16 @@ gboolean gvir_sandbox_config_add_mount_opts(GVirSandboxConfig *config,
 *tmp = '\0';
 formatStr = tmp + 1;
- if ((strncmp(formatStr, "format=", 7) == 0) &&
- !(enum_value = g_enum_get_value_by_nick(enum_class, formatStr + 7))) {
+ if ((strncmp(formatStr, "format=", 7) == 0)) {
+ if (!(enum_value = g_enum_get_value_by_nick(enum_class, formatStr + 7))) {
+ g_type_class_unref(enum_class);
+ g_set_error(error, GVIR_SANDBOX_CONFIG_ERROR, 0,
+ _("Unknown disk image format: '%s'"), formatStr + 7);
+ return FALSE;
+ }
 g_type_class_unref(enum_class);
- g_set_error(error, GVIR_SANDBOX_CONFIG_ERROR, 0,
- _("Unknown disk image format: '%s'"), formatStr + 7);
- return FALSE;
+ format = enum_value->value;
 }
- g_type_class_unref(enum_class);
- format = enum_value->value;
 }
 mnt = GVIR_SANDBOX_CONFIG_MOUNT(g_object_new(type,
--
2.4.9
--
libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
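Review bot: `g_type_class_unref(enum_class)` now runs only inside the `format=` branch, so when the text after the separator is anything other than `format=` the class reference is never dropped. The reference is presumably taken before the hunk, which is not visible here, so confirm that and add an unref on that path. Inside the branch, `format = enum_value->value;` reads through `enum_value` after the unref; putting `format = enum_value->value;` before `g_type_class_unref(enum_class);` keeps the read within the lifetime of the reference. A suffix that is not `format=` is also accepted silently and the disk stays at the default format; because the image format decides how the file is interpreted, rejecting an unrecognised option with `g_set_error` would be safer than ignoring it. The enclosing function starts and ends outside the hunk.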