Fix crash parsing RNG device specification

Code that validates the whitelist for the RNG device filename
didn't account for fact that filename may be NULL. This led
to a NULL reference crash. This wasn't caught since the test
suite was not covering this XML syntax
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
上级 1cf4ef1f
master openEuler-20.03-LTS openEuler-20.09 v1.0.4-maint v1.0.5-maint v1.0.6-maint v1.1.0-maint v1.1.1-maint v1.1.2-maint v1.1.3-maint v1.1.4-maint v1.2.0-maint v1.2.1-maint v1.2.10-maint v1.2.11-maint v1.2.12-maint v1.2.13-maint v1.2.14-maint v1.2.15-maint v1.2.16-maint v1.2.17-maint v1.2.18-maint v1.2.19-maint v1.2.2-maint v1.2.20-maint v1.2.21-maint v1.2.3-maint v1.2.4-maint v1.2.5-maint v1.2.6-maint v1.2.7-maint v1.2.8-maint v1.2.9-maint v1.3.0-maint v1.3.1-maint v1.3.2-maint v1.3.3-maint v1.3.4-maint v1.3.5-maint v2.0-maint v2.1-maint v2.2-maint v3.0-maint v3.2-maint v3.7-maint v4.1-maint v4.10-maint v4.2-maint v4.3-maint v4.4-maint v4.5-maint v4.6-maint v4.7-maint v4.8-maint v4.9-maint v5.0-maint v5.1-maint v5.1.0-maint v5.2-maint v5.3-maint v6.5.0-rc2 v6.5.0-rc1 v6.4.0 v6.4.0-rc1 v6.3.0 v6.3.0-rc1 v6.2.0 v6.2.0-rc1 v6.1.0 v6.1.0-rc2 v6.1.0-rc1 v6.0.0 v6.0.0-rc2 v6.0.0-rc1 v5.10.0 v5.10.0-rc2 v5.10.0-rc1 v5.9.0 v5.9.0-rc1 v5.8.0 v5.8.0-rc2 v5.8.0-rc1 v5.7.0 v5.7.0-rc2 v5.7.0-rc1 v5.6.0 v5.6.0-rc2 v5.6.0-rc1 v5.5.0 v5.5.0-rc2 v5.5.0-rc1 v5.4.0 v5.4.0-rc2 v5.4.0-rc1 v5.3.0 v5.3.0-rc2 v5.3.0-rc1 v5.2.0 v5.2.0-rc2 v5.2.0-rc1 v5.1.0 v5.1.0-rc2 v5.1.0-rc1 v5.0.0 v5.0.0-rc2 v5.0.0-rc1 v4.10.0 v4.10.0-rc2 v4.10.0-rc1 v4.9.0 v4.9.0-rc1 v4.8.0 v4.8.0-rc2 v4.8.0-rc1 v4.7.0 v4.7.0-rc2 v4.7.0-rc1 v4.6.0 v4.6.0-rc2 v4.6.0-rc1 v4.5.0 v4.5.0-rc2 v4.5.0-rc1 v4.4.0 v4.4.0-rc2 v4.4.0-rc1 v4.3.0 v4.3.0-rc2 v4.3.0-rc1 v4.2.0 v4.2.0-rc2 v4.2.0-rc1 v4.1.0 v4.1.0-rc2 v4.1.0-rc1 v4.0.0 v4.0.0-rc2 v4.0.0-rc1 v3.10.0 v3.10.0-rc2 v3.10.0-rc1 v3.9.0 v3.9.0-rc2 v3.9.0-rc1 v3.8.0 v3.8.0-rc1 v3.7.0 v3.7.0-rc2 v3.7.0-rc1 v3.6.0 v3.6.0-rc2 v3.6.0-rc1 v3.5.0 v3.5.0-rc2 v3.5.0-rc1 v3.4.0 v3.4.0-rc2 v3.4.0-rc1 v3.3.0 v3.3.0-rc2 v3.3.0-rc1 v3.2.1 v3.2.0 v3.2.0-rc2 v3.2.0-rc1 v3.1.0 v3.1.0-rc2 v3.1.0-rc1 v3.0.0 v3.0.0-rc2 v3.0.0-rc1 v2.5.0 v2.5.0-rc2 v2.5.0-rc1 v2.4.0 v2.4.0-rc2 v2.4.0-rc1 v2.3.0 v2.3.0-rc2 v2.3.0-rc1 v2.2.1 v2.2.0 v2.2.0-rc2 v2.2.0-rc1 v2.1.0 v2.1.0-rc1 v2.0.0 v2.0.0-rc2 v2.0.0-rc1 v1.3.5 v1.3.5-rc1 v1.3.4 v1.3.4-rc2 v1.3.4-rc1 v1.3.3.3 v1.3.3.2 v1.3.3.1 v1.3.3 v1.3.3-rc2 v1.3.3-rc1 v1.3.2 v1.3.2-rc2 v1.3.2-rc1 v1.3.1 v1.3.1-rc2 v1.3.1-rc1 v1.3.0 v1.3.0-rc2 v1.3.0-rc1 v1.2.21 v1.2.21-rc2 v1.2.21-rc1 v1.2.20 v1.2.20-rc2 v1.2.20-rc1 v1.2.19 v1.2.19-rc2 v1.2.19-rc1 v1.2.18.4 v1.2.18.3 v1.2.18.2 v1.2.18.1 v1.2.18 v1.2.18-rc2 v1.2.18-rc1 v1.2.17 v1.2.17-rc2 v1.2.17-rc1 v1.2.16 v1.2.16-rc2 v1.2.16-rc1 v1.2.15 v1.2.15-rc2 v1.2.15-rc1 v1.2.14 v1.2.14-rc2 v1.2.14-rc1 v1.2.13.2 v1.2.13.1 v1.2.13 v1.2.13-rc2 v1.2.13-rc1 v1.2.12 v1.2.12-rc2 v1.2.12-rc1 v1.2.11 v1.2.11-rc2 v1.2.11-rc1 v1.2.10 v1.2.10-rc2 v1.2.10-rc1 v1.2.9.3 v1.2.9.2 v1.2.9.1 v1.2.9 v1.2.9-rc2 v1.2.9-rc1 v1.2.8 v1.2.8-rc2 v1.2.8-rc1 v1.2.7 v1.2.7-rc2 v1.2.7-rc1 v1.2.6 v1.2.6-rc2 v1.2.6-rc1 v1.2.5 v1.2.5-rc2 v1.2.5-rc1 v1.2.4 v1.2.4-rc2 v1.2.4-rc1 v1.2.3 v1.2.3-rc2 v1.2.3-rc1 v1.2.2 v1.2.2-rc2 v1.2.2-rc1 v1.2.1 v1.2.1-rc2 v1.2.1-rc1 v1.2.0 v1.2.0-rc2 v1.2.0-rc1 v1.1.4 v1.1.4-rc2 v1.1.4-rc1 v1.1.3.9 v1.1.3.8 v1.1.3.7 v1.1.3.6 v1.1.3.5 v1.1.3.4 v1.1.3.3 v1.1.3.2 v1.1.3.1 v1.1.3 v1.1.3-rc2 v1.1.3-rc1 v1.1.2 v1.1.2-rc2 v1.1.2-rc1 v1.1.1 v1.1.1-rc2 v1.1.1-rc1 v1.1.0 v1.1.0-rc2 v1.1.0-rc1 v1.0.6 v1.0.6-rc2 v1.0.6-rc1 v1.0.5.9 v1.0.5.8 v1.0.5.7 v1.0.5.6 v1.0.5.5 v1.0.5.4 v1.0.5.3 v1.0.5.2 v1.0.5.1 v1.0.5 v1.0.5-rc1 v1.0.4 v1.0.4-rc2 v1.0.4-rc1 CVE-2017-1000256 CVE-2017-2635 CVE-2016-5008 CVE-2015-5313 CVE-2015-5247-3 CVE-2015-5247-2 CVE-2015-5247-1 CVE-2015-0236-2 CVE-2015-0236-1 CVE-2014-8136 CVE-2014-8135 CVE-2014-8131-2 CVE-2014-8131-1 CVE-2014-7823 CVE-2014-3657 CVE-2014-3633 CVE-2014-1447-2 CVE-2014-1447-1 CVE-2014-0179 CVE-2014-0028 CVE-2013-7336 CVE-2013-6458-4 CVE-2013-6458-3 CVE-2013-6458-2 CVE-2013-6458-1 CVE-2013-6457 CVE-2013-6436 CVE-2013-5651 CVE-2013-4401 CVE-2013-4400-3 CVE-2013-4400-2 CVE-2013-4400-1 CVE-2013-4399 CVE-2013-4311 CVE-2013-4297 CVE-2013-4296 CVE-2013-4292 CVE-2013-4291 CVE-2013-4239 CVE-2013-4154 CVE-2013-4153 CVE-2013-2230 CVE-2013-2218 CVE-2013-1962
无相关合并请求
......@@ -7424,7 +7424,8 @@ virDomainRNGDefParseXML(const xmlNodePtr node,
switch ((enum virDomainRNGBackend) def->backend) {
case VIR_DOMAIN_RNG_BACKEND_RANDOM:
def->source.file = virXPathString("string(./backend)", ctxt);
if (STRNEQ(def->source.file, "/dev/random") &&
if (def->source.file &&
STRNEQ(def->source.file, "/dev/random") &&
STRNEQ(def->source.file, "/dev/hwrng")) {
virReportError(VIR_ERR_XML_ERROR,
_("file '%s' is not a supported random source"),
......
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test /usr/bin/qemu \
-S -M pc -m 214 -smp 1 -nographic -nodefaults \
-monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -usb \
-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3 \
-object rng-random,id=rng0 \
-device virtio-rng-pci,rng=rng0,bus=pci.0,addr=0x4
<domain type='qemu'>
<name>QEMUGuest1</name>
<uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
<memory unit='KiB'>219100</memory>
<currentMemory unit='KiB'>219100</currentMemory>
<vcpu placement='static' cpuset='1-4,8-20,525'>1</vcpu>
<os>
<type arch='i686' machine='pc'>hvm</type>
<boot dev='hd'/>
</os>
<clock offset='utc'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
<emulator>/usr/bin/qemu</emulator>
<controller type='usb' index='0'/>
<memballoon model='virtio'/>
<rng model='virtio'>
<backend model='random'/>
</rng>
</devices>
</domain>
......@@ -882,6 +882,8 @@ mymain(void)
QEMU_CAPS_DEVICE, QEMU_CAPS_DEVICE_VIDEO_PRIMARY,
QEMU_CAPS_DEVICE_QXL, QEMU_CAPS_DEVICE_QXL_VGA);
DO_TEST("virtio-rng-default", QEMU_CAPS_DEVICE, QEMU_CAPS_DEVICE_VIRTIO_RNG,
QEMU_CAPS_OBJECT_RNG_RANDOM);
DO_TEST("virtio-rng-random", QEMU_CAPS_DEVICE, QEMU_CAPS_DEVICE_VIRTIO_RNG,
QEMU_CAPS_OBJECT_RNG_RANDOM);
DO_TEST("virtio-rng-egd", QEMU_CAPS_DEVICE, QEMU_CAPS_DEVICE_VIRTIO_RNG,
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册
反馈
建议
客服 返回
顶部