Address side effect of accessing a variable via an index: Filters accessing a variable where an element is accessed that is beyond the size of the list (for example $TEST[10] and only 2 elements are available) cannot instantiate that filter. Test for this and report proper error to user. --- src/conf/nwfilter_params.c | 29 +++++++++++++++++++++++++++++ src/conf/nwfilter_params.h | 3 ++- src/libvirt_private.syms | 2 ++ src/nwfilter/nwfilter_gentech_driver.c | 23 ++++++++++++++++++----- 4 files changed, 51 insertions(+), 6 deletions(-) Index: libvirt-iterator/src/conf/nwfilter_params.h =================================================================== --- libvirt-iterator.orig/src/conf/nwfilter_params.h +++ libvirt-iterator/src/conf/nwfilter_params.h @@ -125,7 +125,8 @@ enum virNWFilterVarAccessType virNWFilte const virNWFilterVarAccessPtr vap); unsigned int virNWFilterVarAccessGetIterId(const virNWFilterVarAccessPtr vap); unsigned int virNWFilterVarAccessGetIndex(const virNWFilterVarAccessPtr vap); - +bool virNWFilterVarAccessIsAvailable(const virNWFilterVarAccessPtr vap, + const virNWFilterHashTablePtr hash); typedef struct _virNWFilterVarCombIterEntry virNWFilterVarCombIterEntry; typedef virNWFilterVarCombIterEntry *virNWFilterVarCombIterEntryPtr; Index: libvirt-iterator/src/nwfilter/nwfilter_gentech_driver.c =================================================================== --- libvirt-iterator.orig/src/nwfilter/nwfilter_gentech_driver.c +++ libvirt-iterator/src/nwfilter/nwfilter_gentech_driver.c @@ -501,16 +501,29 @@ virNWFilterDetermineMissingVarsRec(virNW if (rule) { /* check all variables of this rule */ for (j = 0; j < rule->nVarAccess; j++) { - const char *varName; - varName = virNWFilterVarAccessGetVarName(rule->varAccess[j]); - if (!virHashLookup(vars->hashTable, varName)) { + if (!virNWFilterVarAccessIsAvailable(rule->varAccess[j], + vars)) { + const char *varAccess; + virBuffer buf = VIR_BUFFER_INITIALIZER; + + virNWFilterVarAccessPrint(rule->varAccess[j], &buf); + if (virBufferError(&buf)) { + virReportOOMError(); + rc = -1; + break; + } + val = virNWFilterVarValueCreateSimpleCopyValue("1"); if (!val) { + virBufferFreeAndReset(&buf); rc = -1; break; } - virNWFilterHashTablePut(missing_vars, varName, + + varAccess = virBufferContentAndReset(&buf); + virNWFilterHashTablePut(missing_vars, varAccess, val, 1); + VIR_FREE(varAccess); } } if (rc) @@ -752,7 +765,7 @@ err_unresolvable_vars: if (buf) { virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, _("Cannot instantiate filter due to unresolvable " - "variables: %s"), buf); + "variables or unavailable list elements: %s"), buf); VIR_FREE(buf); } Index: libvirt-iterator/src/conf/nwfilter_params.c =================================================================== --- libvirt-iterator.orig/src/conf/nwfilter_params.c +++ libvirt-iterator/src/conf/nwfilter_params.c @@ -1071,3 +1071,32 @@ virNWFilterVarAccessGetIntIterId(const v { return vap->u.index.intIterId; } + +bool +virNWFilterVarAccessIsAvailable(const virNWFilterVarAccessPtr varAccess, + const virNWFilterHashTablePtr hash) +{ + const char *varName = virNWFilterVarAccessGetVarName(varAccess); + const char *res; + unsigned int idx; + virNWFilterVarValuePtr varValue; + + varValue = virHashLookup(hash->hashTable, varName); + if (!varValue) + return false; + + switch (virNWFilterVarAccessGetType(varAccess)) { + case VIR_NWFILTER_VAR_ACCESS_ELEMENT: + idx = virNWFilterVarAccessGetIndex(varAccess); + res = virNWFilterVarValueGetNthValue(varValue, idx); + if (res == NULL) + return false; + break; + case VIR_NWFILTER_VAR_ACCESS_ITERATOR: + break; + case VIR_NWFILTER_VAR_ACCESS_LAST: + return false; + } + + return true; +} Index: libvirt-iterator/src/libvirt_private.syms =================================================================== --- libvirt-iterator.orig/src/libvirt_private.syms +++ libvirt-iterator/src/libvirt_private.syms @@ -845,6 +845,8 @@ virNWFilterHashTablePut; virNWFilterHashTablePutAll; virNWFilterHashTableRemoveEntry; virNWFilterVarAccessGetVarName; +virNWFilterVarAccessIsAvailable; +virNWFilterVarAccessPrint; virNWFilterVarCombIterCreate; virNWFilterVarCombIterFree; virNWFilterVarCombIterGetVarValue; -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list