From: Michal Privoznik <mprivozn@redhat.com> Simirarly to virAuthGetUsernamePath() check whether callback used to collect credentials is actually set before calling it. This bug is easily reproducible, for instance as: int credtype[] = { VIR_CRED_PASSPHRASE }; virConnectPtr conn = virConnectOpenAuth("esx://root@example.com/", &(virConnectAuth){ .credtype = credtype, .ncredtype = 1, .cb = NULL }, 0); Signed-off-by: Michal Privoznik <mprivozn@redhat.com> --- src/util/virauth.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/util/virauth.c b/src/util/virauth.c index fd4b13de7a..2820220897 100644 --- a/src/util/virauth.c +++ b/src/util/virauth.c @@ -229,6 +229,12 @@ virAuthGetPasswordPath(const char *path, return NULL; } + if (!auth->cb) { + virReportError(VIR_ERR_INVALID_ARG, "%s", + _("Missing authentication callback")); + return NULL; + } + prompt = g_strdup_printf(_("Enter %1$s's password for %2$s"), username, hostname); if (!(cred = virAuthAskCredential(auth, prompt, false))) -- 2.53.0