[PATCH 4/5] remote: dispatch: Allocate 'virDomainDef' in ACL helpers dynamically

Peter Krempa <pkrempa@xxxxxxxxxx> · Thu, 8 Sep 2022 14:25:03 +0200

At time of this patch struct 'virDomainDef' has 1736 bytes. Allocate it
dynamically to keep the stack frame size in reasonable values.

This patch also fixes remoteRelayDomainQemuMonitorEventCheckACL, where
we didn't clear the stack'd variable prior to use. Fortunately for now
the code didn't look at anything else than what the code overwrote.

Signed-off-by: Peter Krempa <pkrempa@xxxxxxxxxx>
---
 src/remote/remote_daemon_dispatch.c | 17 ++++++++---------
 1 file changed, 8 insertions(+), 9 deletions(-)

diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon_dispatch.c
index dc5790f077..4f42cdc610 100644
--- a/src/remote/remote_daemon_dispatch.c
+++ b/src/remote/remote_daemon_dispatch.c
@@ -154,22 +154,21 @@ static bool
 remoteRelayDomainEventCheckACL(virNetServerClient *client,
                                virConnectPtr conn, virDomainPtr dom)
 {
-    virDomainDef def;
+    g_autofree virDomainDef *def = g_new0(virDomainDef, 1);
     g_autoptr(virIdentity) identity = NULL;
     bool ret = false;

     /* For now, we just create a virDomainDef with enough contents to
      * satisfy what viraccessdriverpolkit.c references.  This is a bit
      * fragile, but I don't know of anything better.  */
-    memset(&def, 0, sizeof(def));
-    def.name = dom->name;
-    memcpy(def.uuid, dom->uuid, VIR_UUID_BUFLEN);
+    def->name = dom->name;
+    memcpy(def->uuid, dom->uuid, VIR_UUID_BUFLEN);

     if (!(identity = virNetServerClientGetIdentity(client)))
         goto cleanup;
     if (virIdentitySetCurrent(identity) < 0)
         goto cleanup;
-    ret = virConnectDomainEventRegisterAnyCheckACL(conn, &def);
+    ret = virConnectDomainEventRegisterAnyCheckACL(conn, def);

  cleanup:
     ignore_value(virIdentitySetCurrent(NULL));
@@ -284,21 +283,21 @@ static bool
 remoteRelayDomainQemuMonitorEventCheckACL(virNetServerClient *client,
                                           virConnectPtr conn, virDomainPtr dom)
 {
-    virDomainDef def;
+    g_autofree virDomainDef *def = g_new0(virDomainDef, 1);
     g_autoptr(virIdentity) identity = NULL;
     bool ret = false;

     /* For now, we just create a virDomainDef with enough contents to
      * satisfy what viraccessdriverpolkit.c references.  This is a bit
      * fragile, but I don't know of anything better.  */
-    def.name = dom->name;
-    memcpy(def.uuid, dom->uuid, VIR_UUID_BUFLEN);
+    def->name = dom->name;
+    memcpy(def->uuid, dom->uuid, VIR_UUID_BUFLEN);

     if (!(identity = virNetServerClientGetIdentity(client)))
         goto cleanup;
     if (virIdentitySetCurrent(identity) < 0)
         goto cleanup;
-    ret = virConnectDomainQemuMonitorEventRegisterCheckACL(conn, &def);
+    ret = virConnectDomainQemuMonitorEventRegisterCheckACL(conn, def);

  cleanup:
     ignore_value(virIdentitySetCurrent(NULL));
-- 
2.37.1







