Commit 7efe930ec3c introduced interlock of snapshots and checkpoints, but the check is executed prior to the snapshot API ACL check. This means that an unauthorized user can see whether a VM exists if it has a checkpoint. Move the checks to proper places. Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt; --- Given that currently checkpoints by themselves are not very useful I doubt that there are users which could hit this. Thus I'm sending it also directly to the public mailing list for faster turnaround. src/qemu/qemu_driver.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 0753904472..f7f059b6d6 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -15902,18 +15902,18 @@ qemuDomainSnapshotCreateXML(virDomainPtr domain, if (!(vm = qemuDomObjFromDomain(domain))) goto cleanup; - if (virDomainListCheckpoints(vm->checkpoints, NULL, domain, NULL, 0) > 0) { - virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", - _("cannot create snapshot while checkpoint exists")); - goto cleanup; - } - priv = vm->privateData; cfg = virQEMUDriverGetConfig(driver); if (virDomainSnapshotCreateXMLEnsureACL(domain->conn, vm->def, flags) < 0) goto cleanup; + if (virDomainListCheckpoints(vm->checkpoints, NULL, domain, NULL, 0) > 0) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", + _("cannot create snapshot while checkpoint exists")); + goto cleanup; + } + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; -- 2.21.0