From eae6101d5bb75249bedd608f7c4065c580399289 Mon Sep 17 00:00:00 2001 From: Alex Jia <ajia@redhat.com> Date: Mon, 18 Jun 2012 16:30:19 -0600 Subject: [PATCH] util: avoid null deref on qcowXGetBackingStore To: libvir-list@redhat.com 5.9: https://bugzilla.redhat.com/show_bug.cgi?id=772848 Detected by Coverity. the only case is caller passes a NULL to 'format' variable, then taking 'if (format)' false branch, the function qcow2GetBackingStoreFormat will directly dereferences the NULL 'format' pointer variable. Signed-off-by: Alex Jia <ajia@redhat.com> (cherry picked from commit a001a5e28b920a6a89f1e4c47ef311a988f7f341) Signed-off-by: Daniel Veillard <veillard@redhat.com> --- src/util/storage_file.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/util/storage_file.c b/src/util/storage_file.c index 530f3e3..97e24b8 100644 --- a/src/util/storage_file.c +++ b/src/util/storage_file.c @@ -316,7 +316,7 @@ qcowXGetBackingStore(char **res, * between the end of the header (QCOW2_HDR_TOTAL_SIZE) * and the start of the backingStoreName (offset) */ - if (isQCow2) + if (isQCow2 && format) qcow2GetBackingStoreFormat(format, buf, buf_size, QCOW2_HDR_TOTAL_SIZE, offset); return BACKING_STORE_OK; -- 1.7.7.4
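Review bot: The NULL check on `format` is added only at the call site in qcowXGetBackingStore (`if (isQCow2 && format)`), so qcow2GetBackingStoreFormat itself still assumes a non-NULL `format`, and per the commit message it dereferences that pointer directly. Consider stating the precondition at the helper (a comment or a non-null annotation on its first parameter), or moving the check inside it, so a later caller cannot reintroduce the dereference Coverity flagged. The comment above the condition describes only the header-extension range between QCOW2_HDR_TOTAL_SIZE and offset; it could also say that `format` is optional for callers of qcowXGetBackingStore, which is the reason for the new test.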