[libvirt] [PATCH] daemon: fix logic bug with virAsprintf
Jim Fehlig
jfehlig at suse.com
Wed Feb 15 17:52:39 UTC 2012
Eric Blake wrote:
> Regression introduced in commit 7033c5f2, due to improper conversion
> from snprintf to virAsprintf.
>
> * daemon/remote.c (remoteDispatchAuthList): Check return value
> correctly.
> ---
>
> This one's embarrassing. I think I broke polkit authorization in
> 0.9.10. :(
>
Yes, you did :).
> daemon/remote.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/daemon/remote.c b/daemon/remote.c
> index 9c61306..724db23 100644
> --- a/daemon/remote.c
> +++ b/daemon/remote.c
> @@ -2052,7 +2052,7 @@ remoteDispatchAuthList(virNetServerPtr server ATTRIBUTE_UNUSED,
> } else if (callerUid == 0) {
> char *ident;
> if (virAsprintf(&ident, "pid:%lld,uid:%d",
> - (long long) callerPid, callerUid) == 0) {
> + (long long) callerPid, callerUid) >= 0) {
> VIR_INFO("Bypass polkit auth for privileged client %s",
> ident);
> if (virNetServerClientSetIdentity(client, ident) < 0)
>
I also found a segfault and was about to post the attached patch.
Regards,
Jim
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fix-polkit0-authentication.patch
Type: text/x-diff
Size: 1989 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20120215/a2f0cd7e/attachment-0001.bin>
More information about the libvir-list
mailing list