[PATCH] util: Prevent a NULl pointer from being accessed

Yi Wang posted 1 patch 2 weeks ago
Test syntax-check failed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/1581516620-25311-1-git-send-email-wang.yi59@zte.com.cn
src/util/virstoragefile.c | 5 +++++
1 file changed, 5 insertions(+)

[PATCH] util: Prevent a NULl pointer from being accessed

Posted by Yi Wang 2 weeks ago
From: Huang Zijiang <huang.zijiang@zte.com.cn>

virJSONValueObjectGetObject maybe return NULL if the key is
missing or if value is not the correct TYPE, so we have to prevent
a NULl pointer from being accessed.

Signed-off-by: Huang Zijiang <huang.zijiang@zte.com.cn>
Signed-off-by: Yi Wang <wang.yi59@zte.com.cn>
---
 src/util/virstoragefile.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c
index e46ac99..53224b5 100644
--- a/src/util/virstoragefile.c
+++ b/src/util/virstoragefile.c
@@ -3378,6 +3378,11 @@ virStorageSourceParseBackingJSONSheepdog(virStorageSourcePtr src,
     const char *filename;
     const char *vdi = virJSONValueObjectGetString(json, "vdi");
     virJSONValuePtr server = virJSONValueObjectGetObject(json, "server");
+    if (!server) {
+    virReportError(VIR_ERR_INVALID_ARG, "%s",
+                        _("missing server in JSON backing volume definition"));
+         return -1;    
+    }
 
     /* legacy URI based syntax passed via 'filename' option */
     if ((filename = virJSONValueObjectGetString(json, "filename"))) {
-- 
1.9.1


Re: [PATCH] util: Prevent a NULl pointer from being accessed

Posted by Peter Krempa 2 weeks ago
On Wed, Feb 12, 2020 at 22:10:20 +0800, Yi Wang wrote:
> From: Huang Zijiang <huang.zijiang@zte.com.cn>
> 
> virJSONValueObjectGetObject maybe return NULL if the key is
> missing or if value is not the correct TYPE, so we have to prevent
> a NULl pointer from being accessed.
> 
> Signed-off-by: Huang Zijiang <huang.zijiang@zte.com.cn>
> Signed-off-by: Yi Wang <wang.yi59@zte.com.cn>
> ---
>  src/util/virstoragefile.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c
> index e46ac99..53224b5 100644
> --- a/src/util/virstoragefile.c
> +++ b/src/util/virstoragefile.c
> @@ -3378,6 +3378,11 @@ virStorageSourceParseBackingJSONSheepdog(virStorageSourcePtr src,
>      const char *filename;
>      const char *vdi = virJSONValueObjectGetString(json, "vdi");
>      virJSONValuePtr server = virJSONValueObjectGetObject(json, "server");
> +    if (!server) {
> +    virReportError(VIR_ERR_INVALID_ARG, "%s",
> +                        _("missing server in JSON backing volume definition"));
> +         return -1;    
> +    }

Server is passed only to virStorageSourceParseBackingJSONSocketAddress
as the '@json' variable where it's checked and the same error is
actually reported, so it's not needed to check it here.