Detected by Coverity. Commit a98d8f0d tried to make uuid debugging
more robust, but missed some APIs. And on the APIs that it visited,
the mere act of preparing the debug message ends up dereferencing
uuid prior to the null check. Which means the APIs which are supposed
to gracefully reject NULL arguments now end up with SIGSEGV.
* src/libvirt.c (VIR_UUID_DEBUG): New macro.
(virDomainLookupByUUID, virDomainLookupByUUIDString)
(virNetworkLookupByUUID, virNetworkLookupByUUIDString)
(virStoragePoolLookupByUUID, virStoragePoolLookupByUUIDString)
(virSecretLookupByUUID, virSecretLookupByUUIDString)
(virNWFilterLookupByUUID, virNWFilterLookupByUUIDString): Avoid
null dereference.
---
src/libvirt.c | 42 ++++++++++++++++++++++++++----------------
1 files changed, 26 insertions(+), 16 deletions(-)
diff --git a/src/libvirt.c b/src/libvirt.c
index cbe1926..bb80f3f 100644
--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -363,6 +363,22 @@ static struct gcry_thread_cbs virTLSThreadImpl = {
__VA_ARGS__)
/**
+ * VIR_UUID_DEBUG:
+ * @conn: connection
+ * @uuid: possibly null UUID array
+ */
+#define VIR_UUID_DEBUG(conn, uuid) \
+ do { \
+ if (uuid) { \
+ char _uuidstr[VIR_UUID_STRING_BUFLEN]; \
+ virUUIDFormat(uuid, _uuidstr); \
+ VIR_DEBUG("conn=%p, uuid=%s", conn, _uuidstr); \
+ } else { \
+ VIR_DEBUG("conn=%p, uuid=(null)", conn); \
+ } \
+ } while (0)
+
+/**
* virInitialize:
*
* Initialize the library. It's better to call this routine at startup
@@ -1941,10 +1957,7 @@ error:
virDomainPtr
virDomainLookupByUUID(virConnectPtr conn, const unsigned char *uuid)
{
- char uuidstr[VIR_UUID_STRING_BUFLEN];
- virUUIDFormat(uuid, uuidstr);
-
- VIR_DEBUG("conn=%p, uuid=%s", conn, uuidstr);
+ VIR_UUID_DEBUG(conn, uuid);
virResetLastError();
@@ -1987,7 +2000,7 @@ virDomainPtr
virDomainLookupByUUIDString(virConnectPtr conn, const char *uuidstr)
{
unsigned char uuid[VIR_UUID_BUFLEN];
- VIR_DEBUG("conn=%p, uuidstr=%s", conn, uuidstr);
+ VIR_DEBUG("conn=%p, uuidstr=%s", conn, NULLSTR(uuidstr));
virResetLastError();
@@ -7558,10 +7571,7 @@ error:
virNetworkPtr
virNetworkLookupByUUID(virConnectPtr conn, const unsigned char *uuid)
{
- char uuidstr[VIR_UUID_STRING_BUFLEN];
- virUUIDFormat(uuid, uuidstr);
-
- VIR_DEBUG("conn=%p, uuid=%s", conn, uuidstr);
+ VIR_UUID_DEBUG(conn, uuid);
virResetLastError();
@@ -7604,7 +7614,7 @@ virNetworkPtr
virNetworkLookupByUUIDString(virConnectPtr conn, const char *uuidstr)
{
unsigned char uuid[VIR_UUID_BUFLEN];
- VIR_DEBUG("conn=%p, uuidstr=%s", conn, uuidstr);
+ VIR_DEBUG("conn=%p, uuidstr=%s", conn, NULLSTR(uuidstr));
virResetLastError();
@@ -9300,7 +9310,7 @@ virStoragePoolPtr
virStoragePoolLookupByUUID(virConnectPtr conn,
const unsigned char *uuid)
{
- VIR_DEBUG("conn=%p, uuid=%s", conn, uuid);
+ VIR_UUID_DEBUG(conn, uuid);
virResetLastError();
@@ -9344,7 +9354,7 @@ virStoragePoolLookupByUUIDString(virConnectPtr conn,
const char *uuidstr)
{
unsigned char uuid[VIR_UUID_BUFLEN];
- VIR_DEBUG("conn=%p, uuidstr=%s", conn, uuidstr);
+ VIR_DEBUG("conn=%p, uuidstr=%s", conn, NULLSTR(uuidstr));
virResetLastError();
@@ -11831,7 +11841,7 @@ error:
virSecretPtr
virSecretLookupByUUID(virConnectPtr conn, const unsigned char *uuid)
{
- VIR_DEBUG("conn=%p, uuid=%s", conn, uuid);
+ VIR_UUID_DEBUG(conn, uuid);
virResetLastError();
@@ -11876,7 +11886,7 @@ virSecretPtr
virSecretLookupByUUIDString(virConnectPtr conn, const char *uuidstr)
{
unsigned char uuid[VIR_UUID_BUFLEN];
- VIR_DEBUG("conn=%p, uuidstr=%s", conn, uuidstr);
+ VIR_DEBUG("conn=%p, uuidstr=%s", conn, NULLSTR(uuidstr));
virResetLastError();
@@ -13487,7 +13497,7 @@ error:
virNWFilterPtr
virNWFilterLookupByUUID(virConnectPtr conn, const unsigned char *uuid)
{
- VIR_DEBUG("conn=%p, uuid=%s", conn, uuid);
+ VIR_UUID_DEBUG(conn, uuid);
virResetLastError();
@@ -13530,7 +13540,7 @@ virNWFilterPtr
virNWFilterLookupByUUIDString(virConnectPtr conn, const char *uuidstr)
{
unsigned char uuid[VIR_UUID_BUFLEN];
- VIR_DEBUG("conn=%p, uuidstr=%s", conn, uuidstr);
+ VIR_DEBUG("conn=%p, uuidstr=%s", conn, NULLSTR(uuidstr));
virResetLastError();
--
1.7.4.4
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list