[PATCH 2/5] virNetSSHSessionAuthAddPasswordAuth: Don't access unlocked 'sess'
Peter Krempa
pkrempa at redhat.com
Mon Jan 23 16:08:52 UTC 2023
'sess->authPath' is modified before locking the 'sess' object.
Additionally on failure of 'virAuthGetConfigFilePathURI' 'sess' would be
unlocked even when it was not yet locked.
Fixes: 273745b43122a77adf8c73b2e0a852ac42387349
Signed-off-by: Peter Krempa <pkrempa at redhat.com>
---
src/rpc/virnetsshsession.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/src/rpc/virnetsshsession.c b/src/rpc/virnetsshsession.c
index 8584a961d6..73e65d9371 100644
--- a/src/rpc/virnetsshsession.c
+++ b/src/rpc/virnetsshsession.c
@@ -970,15 +970,17 @@ virNetSSHSessionAuthAddPasswordAuth(virNetSSHSession *sess,
{
virNetSSHAuthMethod *auth;
+ virObjectLock(sess);
+
if (uri) {
VIR_FREE(sess->authPath);
- if (virAuthGetConfigFilePathURI(uri, &sess->authPath) < 0)
- goto error;
+ if (virAuthGetConfigFilePathURI(uri, &sess->authPath) < 0) {
+ virObjectUnlock(sess);
+ return -1;
+ }
}
- virObjectLock(sess);
-
if (!(auth = virNetSSHSessionAuthMethodNew(sess)))
goto error;
--
2.38.1
More information about the libvir-list
mailing list