[PATCH] Fix possible seg fault in resource_add() and resource_mod()
# HG changeset patch # User Kaitlin Rupert <karupert@us.ibm.com> # Date 1248905120 25200 # Node ID d7f583a37de4224d6c74bab3c36caee1c0dc6216 # Parent b9c58e6a654f29fcc49a12457ed12fc57ec15953 Fix possible seg fault in resource_add() and resource_mod() If a user attempts to add a virtual NIC with a MAC that is already in use, the provider doesn't current check the return from rasd_to_vdev(). This means the net device struct isn't properly filled out and will result in a seg fault. To fix this, be sure to check the return of rast_to_vdev() and return an error accordingly. Signed-off-by: Kaitlin Rupert <karupert@us.ibm.com> diff -r b9c58e6a654f -r d7f583a37de4 src/Virt_VirtualSystemManagementService.c --- a/src/Virt_VirtualSystemManagementService.c Wed Jul 29 11:26:26 2009 -0700 +++ b/src/Virt_VirtualSystemManagementService.c Wed Jul 29 15:05:20 2009 -0700 @@ -1869,6 +1869,7 @@ struct virt_device *list; struct virt_device *dev; int *count = NULL; + const char *msg = NULL; op = CMGetObjectPath(rasd, &s); if ((op == NULL) || (s.rc != CMPI_RC_OK)) @@ -1915,7 +1916,14 @@ dev = &list[*count]; dev->type = type; - rasd_to_vdev(rasd, dominfo, dev, ns); + msg = rasd_to_vdev(rasd, dominfo, dev, ns); + if (msg != NULL) { + cu_statusf(_BROKER, &s, + CMPI_RC_ERR_FAILED, + "Add resource failed: %s", + msg); + goto out; + } if ((type == CIM_RES_TYPE_GRAPHICS) || (type == CIM_RES_TYPE_INPUT)) { (*count)++; @@ -1948,6 +1956,7 @@ struct virt_device *list; int *count; int i; + const char *msg = NULL; if (devid == NULL) { cu_statusf(_BROKER, &s, @@ -1978,7 +1987,14 @@ struct virt_device *dev = &list[i]; if (STREQ(dev->id, devid)) { - rasd_to_vdev(rasd, dominfo, dev, ns); + msg = rasd_to_vdev(rasd, dominfo, dev, ns); + if (msg != NULL) { + cu_statusf(_BROKER, &s, + CMPI_RC_ERR_FAILED, + "Modify resource failed: %s", + msg); + goto out; + } if ((type == CIM_RES_TYPE_GRAPHICS) || (type == CIM_RES_TYPE_INPUT))
+1 On 07/29/2009 07:05 PM, Kaitlin Rupert wrote:
# HG changeset patch # User Kaitlin Rupert<karupert@us.ibm.com> # Date 1248905120 25200 # Node ID d7f583a37de4224d6c74bab3c36caee1c0dc6216 # Parent b9c58e6a654f29fcc49a12457ed12fc57ec15953 Fix possible seg fault in resource_add() and resource_mod()
If a user attempts to add a virtual NIC with a MAC that is already in use, the provider doesn't current check the return from rasd_to_vdev(). This means the net device struct isn't properly filled out and will result in a seg fault.
To fix this, be sure to check the return of rast_to_vdev() and return an error accordingly.
Signed-off-by: Kaitlin Rupert<karupert@us.ibm.com>
diff -r b9c58e6a654f -r d7f583a37de4 src/Virt_VirtualSystemManagementService.c --- a/src/Virt_VirtualSystemManagementService.c Wed Jul 29 11:26:26 2009 -0700 +++ b/src/Virt_VirtualSystemManagementService.c Wed Jul 29 15:05:20 2009 -0700 @@ -1869,6 +1869,7 @@ struct virt_device *list; struct virt_device *dev; int *count = NULL; + const char *msg = NULL;
op = CMGetObjectPath(rasd,&s); if ((op == NULL) || (s.rc != CMPI_RC_OK)) @@ -1915,7 +1916,14 @@ dev =&list[*count];
dev->type = type; - rasd_to_vdev(rasd, dominfo, dev, ns); + msg = rasd_to_vdev(rasd, dominfo, dev, ns); + if (msg != NULL) { + cu_statusf(_BROKER,&s, + CMPI_RC_ERR_FAILED, + "Add resource failed: %s", + msg); + goto out; + }
if ((type == CIM_RES_TYPE_GRAPHICS) || (type == CIM_RES_TYPE_INPUT)) { (*count)++; @@ -1948,6 +1956,7 @@ struct virt_device *list; int *count; int i; + const char *msg = NULL;
if (devid == NULL) { cu_statusf(_BROKER,&s, @@ -1978,7 +1987,14 @@ struct virt_device *dev =&list[i];
if (STREQ(dev->id, devid)) { - rasd_to_vdev(rasd, dominfo, dev, ns); + msg = rasd_to_vdev(rasd, dominfo, dev, ns); + if (msg != NULL) { + cu_statusf(_BROKER,&s, + CMPI_RC_ERR_FAILED, + "Modify resource failed: %s", + msg); + goto out; + }
if ((type == CIM_RES_TYPE_GRAPHICS) || (type == CIM_RES_TYPE_INPUT))
_______________________________________________ Libvirt-cim mailing list Libvirt-cim@redhat.com https://www.redhat.com/mailman/listinfo/libvirt-cim
-- Richard Maciel, MSc IBM Linux Technology Center rmaciel@linux.vnet.ibm.com
participants (2)
-
Kaitlin Rupert -
Richard Maciel