[libvirt] [PATCH] security_manager.c: Append seclabel iff generated

Thursday, 28 March 2013

With my previous patches, we unconditionally appended a seclabel,
even if it wasn't generated but found in array of defined seclabels.
This resulted in double free later when doing virDomainDefFree
and iterating over the array of defined seclabels.

Moreover, there was another possibility of double free, if the
seclabel was generated in the last iteration of the process of
walking trough security managers array.
---
 src/security/security_manager.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index b55af69..b671a91 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -463,6 +463,7 @@ int virSecurityManagerGenLabel(virSecurityManagerPtr mgr,
             } else if (vm->nseclabels && generated) {
                 VIR_DEBUG("Skipping auto generated seclabel of type none");
                 virSecurityLabelDefFree(seclabel);
+                seclabel = NULL;
                 continue;
             }
         }
@@ -472,8 +473,8 @@ int virSecurityManagerGenLabel(virSecurityManagerPtr mgr,
         } else {
             /* The seclabel must be added to @vm prior calling domainGenSecurityLabel
              * which may require seclabel to be presented already */
-
-            if (VIR_APPEND_ELEMENT(vm->seclabels, vm->nseclabels, seclabel) < 0)
{
+            if (generated &&
+                VIR_APPEND_ELEMENT(vm->seclabels, vm->nseclabels, seclabel) < 0)
{
                 virReportOOMError();
                 goto cleanup;
             }
@@ -484,6 +485,8 @@ int virSecurityManagerGenLabel(virSecurityManagerPtr mgr,
                     vm->nseclabels--;
                 goto cleanup;
             }
+
+            seclabel = NULL;
         }
     }
 
-- 
1.8.1.5


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005