[PATCH] qemu:qemu_snapshot: Fix a libvirtd cransh when delete snapshot

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



qemuDomainDiskByName() can return a NULL pointer on failure, but this
returned value in qemuSnapshotDeleteValidate is not checked.
It will make libvirtd crash.

diff --git a/src/qemu/qemu_snapshot.c b/src/qemu/qemu_snapshot.c
index 5b3aadcbf0..52312b4a7b 100644
--- a/src/qemu/qemu_snapshot.c
+++ b/src/qemu/qemu_snapshot.c
@@ -4235,8 +4235,11 @@ qemuSnapshotDeleteValidate(virDomainObj *vm,
             virDomainDiskDef *vmdisk = NULL;
             virDomainDiskDef *disk = NULL;

-            vmdisk = qemuDomainDiskByName(vm->def, snapDisk->name);
-            disk = qemuDomainDiskByName(snapdef->parent.dom, snapDisk->name);
+            if (!(vmdisk = qemuDomainDiskByName(vm->def, snapDisk->name)))
+                return -1;
+
+            if (!(disk = qemuDomainDiskByName(snapdef->parent.dom, snapDisk->name)))
+                return -1;

             if (!virStorageSourceIsSameLocation(vmdisk->src, disk->src)) {
                 virReportError(VIR_ERR_OPERATION_UNSUPPORTED,

[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux