Fix crash in DAC driver with no seclabels

With dynamic_ownership = 1 but no seclabels, RestoreChardevLabel dereferences the NULL seclabel when checking if norelabel is set. Remove this check, since it is already done in RestoreSecurityAllLabel and if norelabel is set, RestoreChardevLabel is never called.

Fix crash in DAC driver with no seclabels
With dynamic_ownership = 1 but no seclabels, RestoreChardevLabel dereferences the NULL seclabel when checking if norelabel is set. Remove this check, since it is already done in RestoreSecurityAllLabel and if norelabel is set, RestoreChardevLabel is never called.
88e36a69 · Ján Tomko · 4bafe312 · 88e36a69
隐藏空白更改
内联并排

Showing with 2 addition and 5 deletion

src/security/security_dac.c src/security/security_dac.c +2 -5

未找到文件。
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -768,22 +768,19 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr mgr,
 static int
 virSecurityDACRestoreChardevLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
-                                  virDomainDefPtr def,
+                                  virDomainDefPtr def ATTRIBUTE_UNUSED,
                                  virDomainChrDefPtr dev,
                                  virDomainChrSourceDefPtr dev_source)
 {
-    virSecurityLabelDefPtr seclabel;
    virSecurityDeviceLabelDefPtr chr_seclabel = NULL;
    char *in = NULL, *out = NULL;
    int ret = -1;
-    seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
    if (dev)
        chr_seclabel = virDomainChrDefGetSecurityLabelDef(dev,
                                                          SECURITY_DAC_NAME);
-    if (seclabel->norelabel || (chr_seclabel && chr_seclabel->norelabel))
+    if (chr_seclabel && chr_seclabel->norelabel)
        return 0;
    switch ((enum virDomainChrType) dev_source->type) {