[Libvir] PATCH: BZ 427107: fix crash wrt auth callback

Daniel P. Berrange berrange at redhat.com
Wed Jan 2 12:31:56 UTC 2008


If the application does not supply an authentication callback, and tries to
connect to a server with PolicyKit auth turned on, it will try to dereference
a NULL pointer with predictably crashtastic results:

  https://bugzilla.redhat.com/show_bug.cgi?id=427107

This patch has been tested by bug reporter to fix the issue


Index: src/remote_internal.c
===================================================================
RCS file: /data/cvs/libvirt/src/remote_internal.c,v
retrieving revision 1.49
diff -u -p -r1.49 remote_internal.c
--- src/remote_internal.c	17 Dec 2007 17:41:02 -0000	1.49
+++ src/remote_internal.c	31 Dec 2007 20:30:19 -0000
@@ -3347,24 +3347,26 @@ remoteAuthPolkit (virConnectPtr conn, st
     };
     remoteDebug(priv, "Client initialize PolicyKit authentication");
 
-    for (i = 0 ; i < auth->ncredtype ; i++) {
-        if (auth->credtype[i] == VIR_CRED_EXTERNAL)
-            allowcb = 1;
-    }
+    if (auth && auth->cb) {
+        /* Check if the neccessary credential type for PolicyKit is supported */
+        for (i = 0 ; i < auth->ncredtype ; i++) {
+            if (auth->credtype[i] == VIR_CRED_EXTERNAL)
+                allowcb = 1;
+        }
 
-    /* Run the authentication callback */
-    if (allowcb) {
-        if (auth && auth->cb &&
-            (*(auth->cb))(&cred, 1, auth->cbdata) < 0) {
-            __virRaiseError (in_open ? NULL : conn, NULL, NULL, VIR_FROM_REMOTE,
-                             VIR_ERR_AUTH_FAILED, VIR_ERR_ERROR, NULL, NULL, NULL, 0, 0,
-                             "Failed to collect auth credentials");
-            return -1;
+        if (allowcb) {
+            /* Run the authentication callback */
+            if ((*(auth->cb))(&cred, 1, auth->cbdata) < 0) {
+                __virRaiseError (in_open ? NULL : conn, NULL, NULL, VIR_FROM_REMOTE,
+                                 VIR_ERR_AUTH_FAILED, VIR_ERR_ERROR, NULL, NULL, NULL, 0, 0,
+                                 "Failed to collect auth credentials");
+                return -1;
+            }
         } else {
-            remoteDebug(priv, "No auth callback provided for PolicyKit");
+            remoteDebug(priv, "Client auth callback does not support PolicyKit");
         }
     } else {
-        remoteDebug(priv, "Client auth callback does not support PolicyKit");
+        remoteDebug(priv, "No auth callback provided");
     }
 
     memset (&ret, 0, sizeof ret);
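Review bot: The new `if (auth && auth->cb)` guard covers a NULL `auth`, but the loop inside it still reads `auth->credtype[i]` without checking that `credtype` is non-NULL. An application that supplies a callback and a non-zero `ncredtype` but no array would presumably still crash here, unless that is validated before this function is reached, which this hunk does not show. Extending the guard to `if (auth && auth->cb && auth->credtype) {` would close that case, with the final debug message broadened to match. Both debug-only branches continue to the code after the block rather than returning, so a short comment such as `/* No usable callback: carry on and let the server decide the PolicyKit outcome */` would make that intent explicit, and `neccessary` in the added comment should read `necessary`. remoteAuthPolkit starts and ends outside the hunk.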


Regards,
Dan.
-- 
|=- Red Hat, Engineering, Emerging Technologies, Boston.  +1 978 392 2496 -=|
|=-           Perl modules: http://search.cpan.org/~danberr/              -=|
|=-               Projects: http://freshmeat.net/~danielpb/               -=|
|=-  GnuPG: 7D3B9505   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505  -=| 



