On Thu, Sep 25, 2014 at 05:13:45PM +0200, Michal Privoznik wrote:

Due to a missing check the API can be successfully called even if the connection is ReadOnly. Fortunately, the API hasn't been released yet, so there's no need for a CVE.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com> --- src/libvirt.c | 1 + 1 file changed, 1 insertion(+)

diff --git a/src/libvirt.c b/src/libvirt.c index 388c040..245c373 100644 --- a/src/libvirt.c +++ b/src/libvirt.c @@ -21893,6 +21893,7 @@ virNodeAllocPages(virConnectPtr conn, virResetLastError();

virCheckConnectReturn(conn, -1); + virCheckReadOnlyGoto(conn->flags, error); virCheckNonZeroArgGoto(npages, error); virCheckNonNullArgGoto(pageSizes, error); virCheckNonNullArgGoto(pageCounts, error);

ACK Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|