From nobody Tue Apr 30 06:20:03 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 15102206316811008.623356646085; Thu, 9 Nov 2017 01:43:51 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7DD0A81DF5; Thu, 9 Nov 2017 09:43:50 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 5254C6F10D; Thu, 9 Nov 2017 09:43:50 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id E1A0B180474A; Thu, 9 Nov 2017 09:43:49 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id vA99hlS7004257 for ; Thu, 9 Nov 2017 04:43:47 -0500 Received: by smtp.corp.redhat.com (Postfix) id E99AB6001B; Thu, 9 Nov 2017 09:43:47 +0000 (UTC) Received: from angien.brq.redhat.com (unknown [10.43.2.136]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4634D61783; Thu, 9 Nov 2017 09:43:47 +0000 (UTC) From: Peter Krempa To: libvir-list@redhat.com Date: Thu, 9 Nov 2017 10:43:22 +0100 Message-Id: <44b0e6ffc3728de286e71a5d17fb266d2c6224d8.1510220541.git.pkrempa@redhat.com> In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com Cc: Peter Krempa Subject: [libvirt] [PATCH 1/2] qemu: block: Break out early on invalid storage sources X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Thu, 09 Nov 2017 09:43:50 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Return NULL right away in qemuBlockStorageSourceGetBackendProps when an invalid storage source is presented so that virJSONValueObjectAdd isn't called with a NULL argument. Found by coverity. Reviewed-by: John Ferlan --- src/qemu/qemu_block.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c index e46a455af..600f315fe 100644 --- a/src/qemu/qemu_block.c +++ b/src/qemu/qemu_block.c @@ -958,7 +958,7 @@ qemuBlockStorageSourceGetBackendProps(virStorageSourceP= tr src) case VIR_STORAGE_TYPE_VOLUME: case VIR_STORAGE_TYPE_NONE: case VIR_STORAGE_TYPE_LAST: - break; + return NULL; case VIR_STORAGE_TYPE_NETWORK: switch ((virStorageNetProtocol) src->protocol) { @@ -1008,7 +1008,7 @@ qemuBlockStorageSourceGetBackendProps(virStorageSourc= ePtr src) case VIR_STORAGE_NET_PROTOCOL_NONE: case VIR_STORAGE_NET_PROTOCOL_LAST: - break; + return NULL; } break; } --=20 2.14.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Tue Apr 30 06:20:03 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1510220641965240.31920904979165; Thu, 9 Nov 2017 01:44:01 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 64D2D2CE94F; Thu, 9 Nov 2017 09:43:59 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 3B4366F117; Thu, 9 Nov 2017 09:43:59 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 02E821800BDE; Thu, 9 Nov 2017 09:43:59 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id vA99hmNC004267 for ; Thu, 9 Nov 2017 04:43:48 -0500 Received: by smtp.corp.redhat.com (Postfix) id E74066001E; Thu, 9 Nov 2017 09:43:48 +0000 (UTC) Received: from angien.brq.redhat.com (unknown [10.43.2.136]) by smtp.corp.redhat.com (Postfix) with ESMTP id 42A096001B; Thu, 9 Nov 2017 09:43:48 +0000 (UTC) From: Peter Krempa To: libvir-list@redhat.com Date: Thu, 9 Nov 2017 10:43:23 +0100 Message-Id: <9ebe41bc6dbbca1471fce07ad84869b3348b42c5.1510220541.git.pkrempa@redhat.com> In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com Cc: Peter Krempa Subject: [libvirt] [PATCH 2/2] qemu: block: Don't leak server JSON object from protocol generators X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Thu, 09 Nov 2017 09:43:59 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" If creation of the main JSON object containing the storage portion of a virStorageSource would fail but we'd allocate the server structure we'd leak it. Found by coverity. Reviewed-by: John Ferlan --- src/qemu/qemu_block.c | 72 ++++++++++++++++++++++++++++++++---------------= ---- 1 file changed, 46 insertions(+), 26 deletions(-) diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c index 600f315fe..8b23df822 100644 --- a/src/qemu/qemu_block.c +++ b/src/qemu/qemu_block.c @@ -833,13 +833,18 @@ qemuBlockStorageSourceGetNBDProps(virStorageSourcePtr= src) if (!serverprops) return NULL; - ignore_value(virJSONValueObjectCreate(&ret, - "s:driver", "nbd", - "a:server", serverprops, - "S:export", src->path, - "S:tls-creds", src->tlsAlias, - NULL)); + if (virJSONValueObjectCreate(&ret, + "s:driver", "nbd", + "a:server", serverprops, + "S:export", src->path, + "S:tls-creds", src->tlsAlias, + NULL) < 0) + goto cleanup; + + serverprops =3D NULL; + cleanup: + virJSONValueFree(serverprops); return ret; } @@ -859,16 +864,21 @@ qemuBlockStorageSourceGetRBDProps(virStorageSourcePtr= src) if (src->auth) username =3D srcPriv->secinfo->s.aes.username; - ignore_value(virJSONValueObjectCreate(&ret, - "s:driver", "rbd", - "s:pool", src->volume, - "s:image", src->path, - "S:snapshot", src->snapshot, - "S:conf", src->configFile, - "A:server", servers, - "S:user", username, - NULL)); + if (virJSONValueObjectCreate(&ret, + "s:driver", "rbd", + "s:pool", src->volume, + "s:image", src->path, + "S:snapshot", src->snapshot, + "S:conf", src->configFile, + "A:server", servers, + "S:user", username, + NULL) < 0) + goto cleanup; + servers =3D NULL; + + cleanup: + virJSONValueFree(servers); return ret; } @@ -891,12 +901,17 @@ qemuBlockStorageSourceGetSheepdogProps(virStorageSour= cePtr src) return NULL; /* libvirt does not support the 'snap-id' and 'tag' properties */ - ignore_value(virJSONValueObjectCreate(&ret, - "s:driver", "sheepdog", - "a:server", serverprops, - "s:vdi", src->path, - NULL)); + if (virJSONValueObjectCreate(&ret, + "s:driver", "sheepdog", + "a:server", serverprops, + "s:vdi", src->path, + NULL) < 0) + goto cleanup; + serverprops =3D NULL; + + cleanup: + virJSONValueFree(serverprops); return ret; } @@ -921,13 +936,18 @@ qemuBlockStorageSourceGetSshProps(virStorageSourcePtr= src) if (src->auth) username =3D src->auth->username; - ignore_value(virJSONValueObjectCreate(&ret, - "s:driver", "ssh", - "s:path", src->path, - "a:server", serverprops, - "S:user", username, - NULL)); + if (virJSONValueObjectCreate(&ret, + "s:driver", "ssh", + "s:path", src->path, + "a:server", serverprops, + "S:user", username, + NULL) < 0) + goto cleanup; + + serverprops =3D NULL; + cleanup: + virJSONValueFree(serverprops); return ret; } --=20 2.14.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list