[libvirt] [PATCH] Avoid closing uninitialized FDs when LXC startup fails

[Daniel P. Berrange]

From: "Daniel P. Berrange" <berrange at redhat.com>

If an LXC domain failed to start because of a bogus SELinux
label, virLXCProcessStart would call VIR_CLOSE(0) by mistake.
This is because the code which initializes the member of the
ttyFDs array to -1 got moved too far away from the place where
the array is first allocated.

Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
---
 src/lxc/lxc_process.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c
index cad6402..942d375 100644
--- a/src/lxc/lxc_process.c
+++ b/src/lxc/lxc_process.c
@@ -1077,6 +1077,8 @@ int virLXCProcessStart(virConnectPtr conn,
         virReportOOMError();
         goto cleanup;
     }
+    for (i = 0 ; i < vm->def->nconsoles ; i++)
+        ttyFDs[i] = -1;
 
     /* If you are using a SecurityDriver with dynamic labelling,
        then generate a security label for isolation */
@@ -1096,9 +1098,6 @@ int virLXCProcessStart(virConnectPtr conn,
                                       vm->def, NULL) < 0)
         goto cleanup;
 
-    for (i = 0 ; i < vm->def->nconsoles ; i++)
-        ttyFDs[i] = -1;
-
     for (i = 0 ; i < vm->def->nconsoles ; i++) {
         char *ttyPath;
         if (vm->def->consoles[i]->source.type != VIR_DOMAIN_CHR_TYPE_PTY) {
-- 
1.8.1.4