提交 31c698d7 编写于 作者: D Daniel P. Berrange

Avoid crash in security driver if model is NULL

If the XML security model is NULL, it is assumed that the current
model will be used with dynamic labelling. The verify step is
meaningless and potentially crashes if dereferencing NULL

* src/security/security_manager.c: Skip NULL model on verify
上级 bda57661
...@@ -309,6 +309,14 @@ int virSecurityManagerSetProcessLabel(virSecurityManagerPtr mgr, ...@@ -309,6 +309,14 @@ int virSecurityManagerSetProcessLabel(virSecurityManagerPtr mgr,
int virSecurityManagerVerify(virSecurityManagerPtr mgr, int virSecurityManagerVerify(virSecurityManagerPtr mgr,
virDomainDefPtr def) virDomainDefPtr def)
{ {
const virSecurityLabelDefPtr secdef = &def->seclabel;
/* NULL model == dynamic labelling, with whatever driver
* is active, so we can short circuit verify check to
* avoid drivers de-referencing NULLs by accident
*/
if (!secdef->model)
return 0;
if (mgr->drv->domainSecurityVerify) if (mgr->drv->domainSecurityVerify)
return mgr->drv->domainSecurityVerify(mgr, def); return mgr->drv->domainSecurityVerify(mgr, def);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册