Compiler isn't able to see that 'virDevMapperGetTargets' in cases e.g.
when the devmapper isn't available may not initialize the value in the
pointer passed as the second argument.

The usage 'qemuDomainSetupDisk' lead to an accidental infinite loop as
previous calls apparently doctored the stack to a point where
'g_slist_concat' would end up in an infinite loop trying to find the end
of the list.

Fixes: 6c49c2ee9fc
Closes: https://gitlab.com/libvirt/libvirt/-/issues/268
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
---
 src/qemu/qemu_namespace.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c
index 23b1160c5e..94453033f5 100644
--- a/src/qemu/qemu_namespace.c
+++ b/src/qemu/qemu_namespace.c
@@ -251,7 +251,7 @@ qemuDomainSetupDisk(virStorageSource *src,
             if (!(tmpPath = virPCIDeviceAddressGetIOMMUGroupDev(&next->nvme->pciAddr)))
                 return -1;
         } else {
-            GSList *targetPaths;
+            GSList *targetPaths = NULL;

             if (virStorageSourceIsEmpty(next) ||
                 !virStorageSourceIsLocalStorage(next)) {
-- 
2.34.1

On Tue, Jan 25, 2022 at 05:59:28PM +0100, Peter Krempa wrote:
> Compiler isn't able to see that 'virDevMapperGetTargets' in cases e.g.
> when the devmapper isn't available may not initialize the value in the
> pointer passed as the second argument.
>
> The usage 'qemuDomainSetupDisk' lead to an accidental infinite loop as
> previous calls apparently doctored the stack to a point where
> 'g_slist_concat' would end up in an infinite loop trying to find the end
> of the list.
>
> Fixes: 6c49c2ee9fc

Full commit hash here maybe?

Reviewed-by: Andrea Bolognani <abologna@redhat.com>

-- 
Andrea Bolognani / Red Hat / Virtualization