On 09/25/2014 11:39 AM, Daniel P. Berrange wrote:
On Thu, Sep 25, 2014 at 11:33:34AM +0200, Jiri Denemark wrote:
> On Thu, Sep 25, 2014 at 11:19:34 +0200, Pavel Hrdina wrote:
>> The changes in commit c7542573 introduced a segfault. Found by coverity.
>>
>> Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
>> ---
>> src/access/viraccessdriverpolkit.c | 12 ++++++------
>> 1 file changed, 6 insertions(+), 6 deletions(-)
>>
>> diff --git a/src/access/viraccessdriverpolkit.c
b/src/access/viraccessdriverpolkit.c
>> index 2bc1842..2fd4fed 100644
>> --- a/src/access/viraccessdriverpolkit.c
>> +++ b/src/access/viraccessdriverpolkit.c
>> @@ -87,6 +87,12 @@ virAccessDriverPolkitGetCaller(const char *actionid,
>> actionid);
>> return -1;
>> }
>> + if (!pid) {
>> + virAccessError(VIR_ERR_INTERNAL_ERROR, "%s",
>> + _("No UNIX process ID available"));
>> + goto cleanup;
>> + }
>> +
>> if (virIdentityGetUNIXProcessID(identity, pid) < 0)
>> goto cleanup;
>> if (virIdentityGetUNIXProcessTime(identity, startTime) < 0)
>> @@ -94,12 +100,6 @@ virAccessDriverPolkitGetCaller(const char *actionid,
>> if (virIdentityGetUNIXUserID(identity, uid) < 0)
>> goto cleanup;
>>
>> - if (!pid) {
>
> I think Daniel rather wanted to check if (!*pid).
Yes, that's what the original code was doing.
So the correct fix is to report that error if function
"virIdentityGetUNIXProcessID" fails. I'll post v2.
Pavel
Regards,
Daniel