An iSCSI device with zero hosts will result in a segmentation fault. This patch
adds a check for the number of hosts, which must be one in the case of iSCSI.
Minimal reproducing XML:
<domain type='qemu'>
<name>MyGuest</name>
<uuid>4dea22b3-1d52-d8f3-2516-782e98ab3fa0</uuid>
<os>
<type arch='x86_64'>hvm</type>
</os>
<memory>4096</memory>
<devices>
<disk type='network'>
<source name='dummy' protocol='iscsi'/>
<target dev='vda'/>
</disk>
</devices>
</domain>
Signed-off-by: Rayhan Faizel <rayhan.faizel@xxxxxxxxx>
---
This crashing XML was detected by the WIP fuzzer which is being developed
as part of Google Summer of Code 2024.
src/qemu/qemu_block.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
index 738b72d7ea..d6cdf521c4 100644
--- a/src/qemu/qemu_block.c
+++ b/src/qemu/qemu_block.c
@@ -602,6 +602,12 @@ qemuBlockStorageSourceGetISCSIProps(virStorageSource *src,
* }
*/
+ if (src->nhosts != 1) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("iSCSI protocol accepts only one host"));
+ return NULL;
+ }
+
target = g_strdup(src->path);
/* Separate the target and lun */
--
2.34.1
