[PATCH 1/4] storageBackendProbeTarget: Check return value of virStorageSourceNewFromBacking
Commit bc3a78f61a2aaac3 errorneously removed the return value check from
virStorageSourceNewFromBacking. In cases when we e.g. can't parse the
backing store string this leads to a crash:
#0 virStorageSourceGetActualType (def=0x0) at
../../../libvirt/src/conf/storage_source_conf.c:1014
#1 0x00007ffff7cee4f9 in virStorageSourceIsLocalStorage (src=<optimized out>) at
../../../libvirt/src/conf/storage_source_conf.c:1026
#2 0x00007ffff455c97c in storageBackendProbeTarget (encryption=0x7fff9c122ce8,
target=0x7fff9c122c68) at ../../../libvirt/src/storage/storage_util.c:3443
#3 virStorageBackendRefreshVolTargetUpdate (vol=0x7fff9c122c30) at
../../../libvirt/src/storage/storage_util.c:3519
#4 0x00007ffff455cdc0 in virStorageBackendRefreshLocal (pool=0x7fff9c010ea0) at
../../../libvirt/src/storage/storage_util.c:3593
#5 0x00007ffff454f0a1 in storagePoolRefreshImpl
(backend=backend@entry=0x7ffff4711180 <virStorageBackendDirectory>,
obj=obj@entry=0x7fff9c010ea0, stateFile=stateFile@entry=0x7fff9c111a90
"/var/run/libvirt/storage/tmp.xml") at
../../../libvirt/src/storage/storage_driver.c:103
#6 0x00007ffff4550ea5 in storagePoolUpdateStateCallback (obj=0x7fff9c010ea0,
opaque=<optimized out>) at ../../../libvirt/src/storage/storage_driver.c:165
#7 0x00007ffff7cefef4 in virStoragePoolObjListForEachCb (payload=<optimized out>,
name=<optimized out>, opaque=0x7fffc8a489c0)
at ../../../libvirt/src/conf/virstorageobj.c:435
#8 0x00007ffff7c03195 in virHashForEachSafe
(table=<optimized out>, iter=iter@entry=0x7ffff7cefec0
<virStoragePoolObjListForEachCb>, opaque=opaque@entry=0x7fffc8a489c0)
at ../../../libvirt/src/util/virhash.c:414
#9 0x00007ffff7cf0520 in virStoragePoolObjListForEach
(pools=<optimized out>, iter=iter@entry=0x7ffff4550e10
<storagePoolUpdateStateCallback>, opaque=opaque@entry=0x0)
at ../../../libvirt/src/conf/virstorageobj.c:468
#10 0x00007ffff454f43a in storagePoolUpdateAllState () at
../../../libvirt/src/storage/storage_driver.c:184
#11 storageStateInitialize (privileged=<optimized out>, root=<optimized out>,
callback=<optimized out>, opaque=<optimized out>)
at ../../../libvirt/src/storage/storage_driver.c:315
#12 0x00007ffff7e10c04 in virStateInitialize
(opaque=0x555555621820, callback=0x55555557b1d0 <daemonInhibitCallback>,
root=0x0, mandatory=<optimized out>, privileged=true)
at ../../../libvirt/src/libvirt.c:656
#13 virStateInitialize
(privileged=<optimized out>, mandatory=mandatory@entry=false,
root=root@entry=0x0, callback=callback@entry=0x55555557b1d0 <daemonInhibitCallback>,
opaque=opaque@entry=0x555555621820) at ../../../libvirt/src/libvirt.c:638
#14 0x000055555557b230 in daemonRunStateInit (opaque=0x555555621820) at
../../../libvirt/src/remote/remote_daemon.c:605
#15 0x00007ffff7c46bb5 in virThreadHelper (data=<optimized out>) at
../../../libvirt/src/util/virthread.c:233
#16 0x00007ffff6e453f9 in start_thread () at /lib64/libpthread.so.0
#17 0x00007ffff766fb53 in clone () at /lib64/libc.so
An invalid image can be easily created by:
$ qemu-img create -f qcow2 -F qcow2 -b 'json:{' -u img.qcow2 10M
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/storage/storage_util.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c
index b5adb05826..e71715f908 100644
--- a/src/storage/storage_util.c
+++ b/src/storage/storage_util.c
@@ -3435,7 +3435,8 @@ storageBackendProbeTarget(virStorageSourcePtr target,
return -1;
if (meta->backingStoreRaw) {
- virStorageSourceNewFromBacking(meta, &target->backingStore);
+ if (virStorageSourceNewFromBacking(meta, &target->backingStore) < 0)
+ return -1;
/* XXX: Remote storage doesn't play nicely with volumes backed by
* remote storage. To avoid trouble, just fake the backing store is RAW
--
2.29.2