From: Alex Jia <ajia@xxxxxxxxxx>
Detected by Coverity. the only case is caller passes a NULL to 'format' variable,
then taking 'if (format)' false branch, the function qcow2GetBackingStoreFormat
will directly dereferences the NULL 'format' pointer variable.
Signed-off-by: Alex Jia <ajia@xxxxxxxxxx>
---
src/util/storage_file.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/util/storage_file.c b/src/util/storage_file.c
index f33ea74..ba9cfc5 100644
--- a/src/util/storage_file.c
+++ b/src/util/storage_file.c
@@ -333,7 +333,7 @@ qcowXGetBackingStore(char **res,
* between the end of the header (QCOW2_HDR_TOTAL_SIZE)
* and the start of the backingStoreName (offset)
*/
- if (isQCow2)
+ if (isQCow2 && format)
qcow2GetBackingStoreFormat(format, buf, buf_size, QCOW2_HDR_TOTAL_SIZE, offset);
return BACKING_STORE_OK;
--
1.7.1
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list