virauth: Verify virConnectAuth::cb is set in virAuthGetPasswordPath()

[PATCH] virauth: Verify virConnectAuth::cb is set in virAuthGetPasswordPath()

Michal Privoznik via Devel posted 1 patch 2 weeks, 1 day ago

Download mbox

Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/69d94e100264a7e79b597411295e5f57859cc865.1778849681.git.mprivozn@redhat.com

src/util/virauth.c | 6 ++++++
1 file changed, 6 insertions(+)

Expand all Fold all

[PATCH] virauth: Verify virConnectAuth::cb is set in virAuthGetPasswordPath()

Posted by Michal Privoznik via Devel 2 weeks, 1 day ago

From: Michal Privoznik <mprivozn@redhat.com>

Simirarly to virAuthGetUsernamePath() check whether callback used
to collect credentials is actually set before calling it. This
bug is easily reproducible, for instance as:

  int credtype[] = { VIR_CRED_PASSPHRASE };
  virConnectPtr conn = virConnectOpenAuth("esx://root@example.com/",
                                          &(virConnectAuth){
                                          .credtype = credtype,
                                          .ncredtype = 1,
                                          .cb = NULL
                                          },
                                          0);

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/util/virauth.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/util/virauth.c b/src/util/virauth.c
index fd4b13de7a..2820220897 100644
--- a/src/util/virauth.c
+++ b/src/util/virauth.c
@@ -229,6 +229,12 @@ virAuthGetPasswordPath(const char *path,
         return NULL;
     }
 
+    if (!auth->cb) {
+        virReportError(VIR_ERR_INVALID_ARG, "%s",
+                       _("Missing authentication callback"));
+        return NULL;
+    }
+
     prompt = g_strdup_printf(_("Enter %1$s's password for %2$s"), username, hostname);
 
     if (!(cred = virAuthAskCredential(auth, prompt, false)))
-- 
2.53.0

Re: [PATCH] virauth: Verify virConnectAuth::cb is set in virAuthGetPasswordPath()

Posted by Ján Tomko via Devel 1 week, 5 days ago

On a Friday in 2026, Michal Privoznik via Devel wrote:
>From: Michal Privoznik <mprivozn@redhat.com>
>
>Simirarly to virAuthGetUsernamePath() check whether callback used
>to collect credentials is actually set before calling it. This
>bug is easily reproducible, for instance as:
>
>  int credtype[] = { VIR_CRED_PASSPHRASE };
>  virConnectPtr conn = virConnectOpenAuth("esx://root@example.com/",
>                                          &(virConnectAuth){
>                                          .credtype = credtype,
>                                          .ncredtype = 1,
>                                          .cb = NULL
>                                          },
>                                          0);
>
>Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
>---
> src/util/virauth.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>

Reviewed-by: Ján Tomko <jtomko@redhat.com>

Jano