[libvirt PATCH] nodedev: Fix possible NULL pointer dereference on vfiogroup opening

Coverity report: 1193 g_autofree char *vfiogroup = 1194 virMediatedDeviceGetIOMMUGroupDev(def->caps->data.mdev.uuid); calling "open". [Note: The source code implementation of the function has been overridden by a builtin model.] 1195 VIR_AUTOCLOSE fd = open(vfiogroup, O_RDONLY); This patch shuffles the declarations in the affected 'if' block a bit to make it more readable after adding the NULL pointer condition. Note that error is not reported in this patch, because if @vfiogroup is NULL, then it must have been a system error which was already reported by the called function. Don't get confused by virMediatedDeviceGetIOMMUGroupDev returning NULL on an empty UUID, mdevs will always have one. Signed-off-by: Erik Skultety <eskultet(a)redhat.com&gt; --- src/node_device/node_device_driver.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/node_device/node_device_driver.c b/src/node_device/node_device_driver.c index e33d4a965b..7289322050 100644 --- a/src/node_device/node_device_driver.c +++ b/src/node_device/node_device_driver.c @@ -1190,10 +1190,16 @@ nodeDeviceDestroy(virNodeDevicePtr device) * to be opened by one user at a time. So if we get EBUSY when opening * the group, we infer that the device is in use and therefore we * shouldn't try to remove the device. */ - g_autofree char *vfiogroup = - virMediatedDeviceGetIOMMUGroupDev(def->caps->data.mdev.uuid); - VIR_AUTOCLOSE fd = open(vfiogroup, O_RDONLY); g_autofree char *errmsg = NULL; + g_autofree char *vfiogroup = NULL; + const char *uuidstr = def->caps->data.mdev.uuid; + VIR_AUTOCLOSE fd = -1; + + vfiogroup = virMediatedDeviceGetIOMMUGroupDev(uuidstr); + if (!vfiogroup) + goto cleanup; + + fd = open(vfiogroup, O_RDONLY); if (fd < 0 && errno == EBUSY) { virReportError(VIR_ERR_INTERNAL_ERROR, -- 2.30.2