[libvirt] [PATCH v2] phyp: Fix NULL dereference in phypConnectOpen

Monday, 10 November 2014

Coverity found out that commit cd490086 caused a possible NULL pointer
dereference.  This is due to the fact, that phyp_driver is NULL at the
time of closing the socket, instead of connection_data, which kept the
socket before the mentioned commit, could not be NULL.

However, internal_socket is still the local socket that can be
closed, even unconditionally, if we initialize it to -1.

Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com&gt;
---
 src/phyp/phyp_driver.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/phyp/phyp_driver.c b/src/phyp/phyp_driver.c
index 7c8bc5c..386d25f 100644
--- a/src/phyp/phyp_driver.c
+++ b/src/phyp/phyp_driver.c
@@ -1128,7 +1128,7 @@ phypConnectOpen(virConnectPtr conn,
                 virConnectAuthPtr auth, unsigned int flags)
 {
     LIBSSH2_SESSION *session = NULL;
-    int internal_socket;
+    int internal_socket = -1;
     uuid_tablePtr uuid_table = NULL;
     phyp_driverPtr phyp_driver = NULL;
     char *char_ptr;
@@ -1232,7 +1232,7 @@ phypConnectOpen(virConnectPtr conn,
         libssh2_session_free(session);
     }

-    VIR_FORCE_CLOSE(phyp_driver->sock);
+    VIR_FORCE_CLOSE(internal_socket);

     return VIR_DRV_OPEN_ERROR;
 }
-- 
2.1.3


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[libvirt] [PATCH v2] phyp: Fix NULL dereference in phypConnectOpen