[libvirt] [PATCH] qemu: domain: Fix potential NULL deref when parsing job private data

Peter Krempa pkrempa at redhat.com
Mon Sep 2 14:13:55 UTC 2019


A specially crafted XML which would reference a non-existing disk but
request the mirror to be registered with the blockjob could potentially
make the parser dereference NULL. Fix it by moving the code slightly and
just treat it as a wrong job XML. Found by Coverity.

Reported-by: John Ferlan <jferlan at redhat.com>
Signed-off-by: Peter Krempa <pkrempa at redhat.com>
---
 src/qemu/qemu_domain.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 657f3ecfe4..c7eb0b5e9a 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -3012,15 +3012,19 @@ qemuDomainObjPrivateXMLParseBlockjobData(virDomainObjPtr vm,
             invalidData = true;
     }

+    if (mirror) {
+        if (disk)
+            job->mirrorChain = virObjectRef(disk->mirror);
+        else
+            invalidData = true;
+    }
+
     job->state = state;
     job->newstate = newstate;
     job->errmsg = virXPathString("string(./errmsg)", ctxt);
     job->invalidData = invalidData;
     job->disk = disk;

-    if (mirror)
-        job->mirrorChain = virObjectRef(job->disk->mirror);
-
     qemuDomainObjPrivateXMLParseBlockjobDataSpecific(job, ctxt, xmlopt);

     if (qemuBlockJobRegister(job, vm, disk, false) < 0)
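
Review bot: the new `if (mirror)` block guards `disk` but not `disk->mirror`, so a job XML that requests the mirror for a disk which exists but has no mirror still hands `disk->mirror` to `virObjectRef()` and leaves `invalidData` unset. Consider testing `if (disk && disk->mirror)` so that this case also falls into the `invalidData = true` branch, unless a NULL `mirrorChain` is intended to be valid there, in which case a short comment saying so would help. A test job XML that names a non-existing disk together with the mirror flag would keep this path covered.
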
-- 
2.21.0



