From nobody Sun Feb 8 18:10:50 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1643711979; cv=none; d=zohomail.com; s=zohoarc; b=Z08WiGWJXS6Eyh+4egJuNbElqE7shm8PkzJHMM/t6vggOt/F5i8Hzhq8LqG5SW00bDoCrHKnpyVMEofKlYeviYUnSValZzmXNB4gX+DWf1vy4gGthqD0TQ0bFtKYUsib9f1ymuecJ2Gh+IJFa5p3Hn7zZwQOWqoyIIanfnJWJFc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1643711979; h=Content-Type:Content-Transfer-Encoding:Date:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To; bh=06a2ZHnCWmEOH+Cwxz8rFaK4kknS8v3+m5xFFhT+Lx8=; b=OqnzB5vhE5WFDAnD9NXgHhjUAobYJ9twH0c9Yb+BM16x3QmwyXmbDxA0AaDM/Qv+1ecEFJJGZuUtkJxsr+TH8LJ+vtllNxFZYOOo6OrltPeTXJsc7wlbOJY9KFZzZ54CccEmHec2D5gkyPWZMB9tM/EhmYVElNnLCpw4eARcx0M= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1643711979508265.89199349089245; Tue, 1 Feb 2022 02:39:39 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-471-aZZbwUc3Po6XzRXmtSX4Pg-1; Tue, 01 Feb 2022 05:39:35 -0500 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 323781091DA1; Tue, 1 Feb 2022 10:39:28 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 7F1E266E2A; Tue, 1 Feb 2022 10:39:25 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id F192318095C9; Tue, 1 Feb 2022 10:39:18 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 211AdHlj026987 for ; Tue, 1 Feb 2022 05:39:17 -0500 Received: by smtp.corp.redhat.com (Postfix) id A201166E30; Tue, 1 Feb 2022 10:39:17 +0000 (UTC) Received: from lisa.redhat.com (unknown [10.40.194.183]) by smtp.corp.redhat.com (Postfix) with ESMTP id 2372266E2E for ; Tue, 1 Feb 2022 10:39:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1643711978; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=06a2ZHnCWmEOH+Cwxz8rFaK4kknS8v3+m5xFFhT+Lx8=; b=dcxfO/WSafvmOV8fp4QZd4sAC5PXpw9LR9/ly+T1Edyp9KIL+Yj3rZpsos4pcOaAGBtxPT SU9fAW/GK2EMuBuEIcKEbMNX9uLe/6kcIblzNduJ8potl9ftzfg8UTL9FZ2sPBGsSc6YrR 13GSS+2eofJaf8gvTYCsyKFInkhVzEM= X-MC-Unique: aZZbwUc3Po6XzRXmtSX4Pg-1 From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH] virnwfilterbindingobj: Fix virNWFilterBindingObjNew() Date: Tue, 1 Feb 2022 11:39:13 +0100 Message-Id: <2d59155c7fb329037fc228d6bf7dd601c4c3e7f4.1643711953.git.mprivozn@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1643711982243100001 Content-Type: text/plain; charset="utf-8" The idea behind virNWFilterBindingObjNew() is to create and return an object of virNWFilterBindingObjClass class. The class is virObjectLockable (and the corresponding _virNWFilterBindingObj structure has virObjectLockable parent). But for some reason plain virObjectNew() is called. This is wrong because the mutex in the parent is left uninitialized. Next, the returned object is not locked. This is wrong because in some cases the returned object is added onto a list of bindings and then passed to virNWFilterBindingObjEndAPI() which unlocks it right away. This is potentially dangerous because we might just have unlocked the object for another thread. Signed-off-by: Michal Privoznik Reviewed-by: J=C3=A1n Tomko --- src/conf/virnwfilterbindingobj.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/conf/virnwfilterbindingobj.c b/src/conf/virnwfilterbinding= obj.c index acea240b5d..d387af68c0 100644 --- a/src/conf/virnwfilterbindingobj.c +++ b/src/conf/virnwfilterbindingobj.c @@ -57,10 +57,15 @@ VIR_ONCE_GLOBAL_INIT(virNWFilterBindingObj); virNWFilterBindingObj * virNWFilterBindingObjNew(void) { + virNWFilterBindingObj *ret; if (virNWFilterBindingObjInitialize() < 0) return NULL; =20 - return virObjectNew(virNWFilterBindingObjClass); + if (!(ret =3D virObjectLockableNew(virNWFilterBindingObjClass))) + return NULL; + + virObjectLock(ret); + return ret; } =20 =20 --=20 2.34.1