[libvirt] [PATCH] Fix libvirtd crash in qemuDomainGetTLSObjects

Erik Skultety eskultet at redhat.com
Wed Sep 20 07:03:18 UTC 2017


On Tue, Sep 19, 2017 at 09:58:34PM -0700, Ashish Mittal wrote:
> Passing a NULL value for the argument secAlias to the function
> qemuDomainGetTLSObjects causes a segmentation fault.
>
> Thread 3 "libvirtd" received signal SIGSEGV, Segmentation fault.
> 0x00007f97c9c42a3d in qemuDomainGetTLSObjects (...,secAlias=0x0)
> at qemu/qemu_hotplug.c:1736

Can you provide the whole backtrace? Because from what I see in the code,
qemuDomainGetTLSObjects is called from qemu_hotplug.c and qemu_migration.c, but
none of the code paths would result in qemuDomainGetTLSObjects getting secAlias
== NULL, solely because all the callers (direct or indirect) of this method call
it as &secAlias. Therefore, I think the case you're trying to fix cannot
happen in the current state - the fix is also wrong, see below.


>
>      if (qemuBuildTLSx509BackendProps(tlsCertdir, tlsListen, tlsVerify,
> -                                     *secAlias, qemuCaps, tlsProps) < 0)
> +                                     **secAlias ? *secAlias : NULL, qemuCaps,
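
Review bot: on the `+` line, the condition `**secAlias` dereferences `secAlias` twice before anything is tested, so it cannot guard against `secAlias == NULL`; it faults in the condition itself. It also faults when `secAlias` is valid but `*secAlias` is NULL, because the second dereference then reads through NULL. If a guard is wanted at this call, test the pointer itself, for example `secAlias ? *secAlias : NULL`. The commit message should also name the caller that can pass NULL, since the quoted trace shows only the faulting frame.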

So, hypothetically, if secAlias == NULL and *secAlias results in a SEGFAULT,
what is the result of doing **secAlias? Correct, a SEGFAULT.

Erik



