Sophie

libvirt-0.8.2-29.el5.src.rpm

From eae6101d5bb75249bedd608f7c4065c580399289 Mon Sep 17 00:00:00 2001
From: Alex Jia <ajia@redhat.com>
Date: Mon, 18 Jun 2012 16:30:19 -0600
Subject: [PATCH] util: avoid null deref on qcowXGetBackingStore
To: libvir-list@redhat.com

5.9: https://bugzilla.redhat.com/show_bug.cgi?id=772848

Detected by Coverity. The only case is when the caller passes a NULL to the 'format' variable,
then taking the 'if (format)' false branch, the function qcow2GetBackingStoreFormat
will directly dereference the NULL 'format' pointer variable.

Signed-off-by: Alex Jia <ajia@redhat.com>
(cherry picked from commit a001a5e28b920a6a89f1e4c47ef311a988f7f341)
Signed-off-by: Daniel Veillard <veillard@redhat.com>
---
 src/util/storage_file.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/src/util/storage_file.c b/src/util/storage_file.c
index 530f3e3..97e24b8 100644
--- a/src/util/storage_file.c
+++ b/src/util/storage_file.c
@@ -316,7 +316,7 @@ qcowXGetBackingStore(char **res,
      * between the end of the header (QCOW2_HDR_TOTAL_SIZE)
      * and the start of the backingStoreName (offset)
      */
-    if (isQCow2)
+    if (isQCow2 && format)
         qcow2GetBackingStoreFormat(format, buf, buf_size, QCOW2_HDR_TOTAL_SIZE, offset);
 
     return BACKING_STORE_OK;
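Review bot: the NULL test on `format` in `if (isQCow2 && format)` guards only this one call site, while qcow2GetBackingStoreFormat, per the commit message, still dereferences its first argument unconditionally. Any other caller that passes NULL would hit the same fault. Consider moving the check into qcow2GetBackingStoreFormat, or marking its `format` parameter as non-null so static analysis flags future call sites. The comment block above the call would also benefit from one line stating that `format` is optional for callers of qcowXGetBackingStore and that the format lookup is skipped when it is NULL.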
-- 
1.7.7.4