Commit f1a89a8 allowed parsing configs from /etc/libvirt without validating the emulator capabilities. Check for the presence of os->type.machine even if the VIR_DOMAIN_DEF_PARSE_SKIP_OSTYPE_CHECKS flag is set, otherwise the daemon can crash on carelessly crafted input in the config directory. https://bugzilla.redhat.com/show_bug.cgi?id=1267256 --- src/conf/domain_conf.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 67415fa..5d3fed0 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -14841,6 +14841,12 @@ virDomainDefParseXML(xmlDocPtr xml, goto error; } VIR_FREE(capsdata); + } else { + if (!def->os.machine) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("Missing machine type")); + goto error; + } } /* Extract domain name */ -- 2.4.10 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list