[libvirt] [PATCH] Avoid crash on NULL pointer in lock driver impls during hotplug

Daniel P. Berrange berrange at redhat.com
Thu Jun 2 13:58:01 UTC 2011


From: "Daniel P. Berrange" <berrange at redhat.com>

When virLockDriverAcquire is invoked during hotplug the state
parameter will be left as NULL.

* src/locking/lock_driver_nop.c,
  src/locking/lock_driver_sanlock.c: Don't reference NULL state
  parameter
---
 src/locking/lock_driver_nop.c     |    7 ++++---
 src/locking/lock_driver_sanlock.c |   29 ++++++++++++++++++-----------
 2 files changed, 22 insertions(+), 14 deletions(-)

diff --git a/src/locking/lock_driver_nop.c b/src/locking/lock_driver_nop.c
index 5ebbd8d..36a9083 100644
--- a/src/locking/lock_driver_nop.c
+++ b/src/locking/lock_driver_nop.c
@@ -76,7 +76,8 @@ static int virLockManagerNopRelease(virLockManagerPtr lock ATTRIBUTE_UNUSED,
                                     char **state,
                                     unsigned int flags ATTRIBUTE_UNUSED)
 {
-    *state = NULL;
+    if (state)
+        *state = NULL;
 
     return 0;
 }
@@ -85,8 +86,8 @@ static int virLockManagerNopInquire(virLockManagerPtr lock ATTRIBUTE_UNUSED,
                                     char **state,
                                     unsigned int flags ATTRIBUTE_UNUSED)
 {
-
-    *state = NULL;
+    if (state)
+        *state = NULL;
 
     return 0;
 }
diff --git a/src/locking/lock_driver_sanlock.c b/src/locking/lock_driver_sanlock.c
index a60d7ce..adead76 100644
--- a/src/locking/lock_driver_sanlock.c
+++ b/src/locking/lock_driver_sanlock.c
@@ -374,18 +374,20 @@ static int virLockManagerSanlockRelease(virLockManagerPtr lock,
 
     virCheckFlags(0, -1);
 
-    if ((rv = sanlock_inquire(-1, priv->vm_pid, 0, &res_count, state)) < 0) {
-        if (rv <= -200)
-            virLockError(VIR_ERR_INTERNAL_ERROR,
-                         _("Failed to inquire lock: error %d"), rv);
-        else
-            virReportSystemError(-rv, "%s",
-                                 _("Failed to inquire lock"));
-        return -1;
-    }
+    if (state) {
+        if ((rv = sanlock_inquire(-1, priv->vm_pid, 0, &res_count, state)) < 0) {
+            if (rv <= -200)
+                virLockError(VIR_ERR_INTERNAL_ERROR,
+                             _("Failed to inquire lock: error %d"), rv);
+            else
+                virReportSystemError(-rv, "%s",
+                                     _("Failed to inquire lock"));
+            return -1;
+        }
 
-    if (STREQ(*state, ""))
-        VIR_FREE(*state);
+        if (STREQ(*state, ""))
+            VIR_FREE(*state);
+    }
 
     if ((rv = sanlock_release(-1, priv->vm_pid, SANLK_REL_ALL, 0, NULL)) < 0) {
         if (rv <= -200)
@@ -409,6 +411,11 @@ static int virLockManagerSanlockInquire(virLockManagerPtr lock,
 
     virCheckFlags(0, -1);
 
+    if (!state) {
+        virLockError(VIR_ERR_INVALID_ARG, "state");
+        return -1;
+    }
+
     VIR_DEBUG("pid=%d", priv->vm_pid);
 
     if ((rv = sanlock_inquire(-1, priv->vm_pid, 0, &res_count, state)) < 0) {
-- 
1.7.5.2




More information about the libvir-list mailing list