[libvirt] [PATCH] Fix libvirtd crash in qemuDomainGetTLSObjects
Erik Skultety
eskultet at redhat.com
Wed Sep 20 07:52:44 UTC 2017
On Wed, Sep 20, 2017 at 09:03:18AM +0200, Erik Skultety wrote:
> On Tue, Sep 19, 2017 at 09:58:34PM -0700, Ashish Mittal wrote:
> > Passing a NULL value for the argument secAlias to the function
> > qemuDomainGetTLSObjects causes a segmentation fault.
> >
> > Thread 3 "libvirtd" received signal SIGSEGV, Segmentation fault.
> > 0x00007f97c9c42a3d in qemuDomainGetTLSObjects (...,secAlias=0x0)
> > at qemu/qemu_hotplug.c:1736
>
> Can you provide the whole backtrace? Because from what I see in the code,
> qemuDomainGetTLSObjects is called from qemu_hotplug.c and qemu_migration.c, but
> none of the code paths would result in qemuDomainGetTLSObjects to get secAlias
> == NULL, solely because all the callers (direct or indirect) of this method call
Oh, I see, this is supposed to be a follow-up patch to
https://www.redhat.com/archives/libvir-list/2017-September/msg00645.html.
You can disregard my comment above then, the fix still needs to be adjusted
though as pointed out in my previous response.
Erik
> it as &secAlias. Therefore, I think the case you're trying to fix cannot
> happen in the current state - the fix is also wrong, see below.
>
>
> >
> > if (qemuBuildTLSx509BackendProps(tlsCertdir, tlsListen, tlsVerify,
> > - *secAlias, qemuCaps, tlsProps) < 0)
> > + **secAlias ? *secAlias : NULL, qemuCaps,
>
> So, hypothetically, if secAlias == NULL and *secAlias results in a SEGFAULT,
> what is the result of doing **secAlias? Correct, a SEGFAULT.
>
> Erik
>
> --
> libvir-list mailing list
> libvir-list at redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
More information about the libvir-list
mailing list