[libvirt] [PATCH 4/7] qemu: Fix segfault if defining a domain without <seclabel>
Daniel P. Berrange
berrange at redhat.com
Thu Jan 13 17:20:17 UTC 2011
On Wed, Jan 12, 2011 at 12:23:00PM -0500, Cole Robinson wrote:
> If the selinux driver is the default, it will lead to a null dereference.
> This change should still yeild the intended result, since a null model
> basically implies 'use the default'.
>
> Signed-off-by: Cole Robinson <crobinso at redhat.com>
> ---
> src/security/security_driver.c | 3 ++-
> 1 files changed, 2 insertions(+), 1 deletions(-)
>
> diff --git a/src/security/security_driver.c b/src/security/security_driver.c
> index 5711aee..7d2e0de 100644
> --- a/src/security/security_driver.c
> +++ b/src/security/security_driver.c
> @@ -82,7 +82,8 @@ virSecurityIsSpecifiedDriver(virSecurityManagerPtr mgr,
> {
> bool ret = true;
>
> - if (!STREQ(virSecurityManagerGetModel(mgr), def->seclabel.model)) {
> + if (def->seclabel.model &&
> + !STREQ(virSecurityManagerGetModel(mgr), def->seclabel.model)) {
> virSecurityReportError(VIR_ERR_INTERNAL_ERROR,
> _("security label driver mismatch: "
> "'%s' model configured for domain, but "
ACK it doesn't hurt, but it should have also been checked at the
higher level in the Verify function
Daniel
More information about the libvir-list
mailing list