[libvirt] [PATCH] daemon: fix logic bug with virAsprintf

Jim Fehlig jfehlig at suse.com
Wed Feb 15 17:52:39 UTC 2012


Eric Blake wrote:
> Regression introduced in commit 7033c5f2, due to improper conversion
> from snprintf to virAsprintf.
>
> * daemon/remote.c (remoteDispatchAuthList): Check return value
> correctly.
> ---
>
> This one's embarrassing.  I think I broke polkit authorization in
> 0.9.10.  :(
>   

Yes, you did :).

>  daemon/remote.c |    2 +-
>  1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/daemon/remote.c b/daemon/remote.c
> index 9c61306..724db23 100644
> --- a/daemon/remote.c
> +++ b/daemon/remote.c
> @@ -2052,7 +2052,7 @@ remoteDispatchAuthList(virNetServerPtr server ATTRIBUTE_UNUSED,
>          } else if (callerUid == 0) {
>              char *ident;
>              if (virAsprintf(&ident, "pid:%lld,uid:%d",
> -                            (long long) callerPid, callerUid) == 0) {
> +                            (long long) callerPid, callerUid) >= 0) {
>                  VIR_INFO("Bypass polkit auth for privileged client %s",
>                           ident);
>                  if (virNetServerClientSetIdentity(client, ident) < 0)
>   

I also found a segfault and was about to post the attached patch.

Regards,
Jim
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fix-polkit0-authentication.patch
Type: text/x-diff
Size: 1989 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20120215/a2f0cd7e/attachment-0001.bin>


More information about the libvir-list mailing list