From fc5c1e7fe92c08f3e57cef49d224f8b5ca3a8cc4 Mon Sep 17 00:00:00 2001
From: John Ferlan <jferlan@redhat.com>
Date: Tue, 10 May 2016 14:26:44 -0400
Subject: [PATCH] qemu: Add extra checks for secret destroy API's

Remove the possibility that a NULL hostdev->privateData or a
disk->privateData could crash libvirtd by checking for NULL
before dereferencing for the secinfo structure in the
qemuDomainSecret{Disk|Hostdev}Destroy functions. The hostdevPriv
could be NULL if qemuProcessNetworkPrepareDevices adds a new
hostdev during virDomainNetGetActualHostdev that then gets
inserted via virDomainHostdevInsert. The hostdevPriv was added
by commit id '27726d8' and is currently only used by scsi hostdev.
---
 src/qemu/qemu_domain.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 93f0a01b4e..0cddb86b51 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -903,7 +903,7 @@ qemuDomainSecretDiskDestroy(virDomainDiskDefPtr disk)
 {
     qemuDomainDiskPrivatePtr diskPriv = QEMU_DOMAIN_DISK_PRIVATE(disk);
 
-    if (!diskPriv->secinfo)
+    if (!diskPriv || !diskPriv->secinfo)
         return;
 
     qemuDomainSecretInfoFree(&diskPriv->secinfo);
@@ -964,7 +964,7 @@ qemuDomainSecretHostdevDestroy(virDomainHostdevDefPtr hostdev)
     qemuDomainHostdevPrivatePtr hostdevPriv =
         QEMU_DOMAIN_HOSTDEV_PRIVATE(hostdev);
 
-    if (!hostdevPriv->secinfo)
+    if (!hostdevPriv || !hostdevPriv->secinfo)
         return;
 
     qemuDomainSecretInfoFree(&hostdevPriv->secinfo);
-- 
GitLab