If the application does not supply an authentication callback, and tries to
connect to a server with PolicyKit auth turned on it will try to deference
a NULL pointer with predictably crashtastic results:
https://bugzilla.redhat.com/show_bug.cgi?id=427107
This patch has been tested by bug reporter to fix the issue
Index: src/remote_internal.c
===================================================================
RCS file: /data/cvs/libvirt/src/remote_internal.c,v
retrieving revision 1.49
diff -u -p -r1.49 remote_internal.c
--- src/remote_internal.c 17 Dec 2007 17:41:02 -0000 1.49
+++ src/remote_internal.c 31 Dec 2007 20:30:19 -0000
@@ -3347,24 +3347,26 @@ remoteAuthPolkit (virConnectPtr conn, st
};
remoteDebug(priv, "Client initialize PolicyKit authentication");
- for (i = 0 ; i < auth->ncredtype ; i++) {
- if (auth->credtype[i] == VIR_CRED_EXTERNAL)
- allowcb = 1;
- }
+ if (auth && auth->cb) {
+ /* Check if the neccessary credential type for PolicyKit is supported */
+ for (i = 0 ; i < auth->ncredtype ; i++) {
+ if (auth->credtype[i] == VIR_CRED_EXTERNAL)
+ allowcb = 1;
+ }
- /* Run the authentication callback */
- if (allowcb) {
- if (auth && auth->cb &&
- (*(auth->cb))(&cred, 1, auth->cbdata) < 0) {
- __virRaiseError (in_open ? NULL : conn, NULL, NULL, VIR_FROM_REMOTE,
- VIR_ERR_AUTH_FAILED, VIR_ERR_ERROR, NULL, NULL, NULL, 0, 0,
- "Failed to collect auth credentials");
- return -1;
+ if (allowcb) {
+ /* Run the authentication callback */
+ if ((*(auth->cb))(&cred, 1, auth->cbdata) < 0) {
+ __virRaiseError (in_open ? NULL : conn, NULL, NULL, VIR_FROM_REMOTE,
+ VIR_ERR_AUTH_FAILED, VIR_ERR_ERROR, NULL, NULL, NULL, 0,
0,
+ "Failed to collect auth credentials");
+ return -1;
+ }
} else {
- remoteDebug(priv, "No auth callback provided for PolicyKit");
+ remoteDebug(priv, "Client auth callback does not support
PolicyKit");
}
} else {
- remoteDebug(priv, "Client auth callback does not support PolicyKit");
+ remoteDebug(priv, "No auth callback provided");
}
memset (&ret, 0, sizeof ret);
Regards,
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules:
http://search.cpan.org/~danberr/ -=|
|=- Projects:
http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|