File 447f69de-CVE-2021-3667.patch of Package libvirt

Overview Repositories Revisions Requests Users Attributes Meta

File 447f69de-CVE-2021-3667.patch of Package libvirt

commit 447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87
Author: Peter Krempa <pkrempa@redhat.com>
Date:   Wed Jul 21 11:22:25 2021 +0200

storage_driver: Unlock object on ACL fail in storagePoolLookupByTargetPath
    
    'virStoragePoolObjListSearch' returns a locked and refed object, thus we
    must release it on ACL permission failure.
    
    Fixes: 7aa0e8c0cb8
    Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1984318
    Signed-off-by: Peter Krempa <pkrempa@redhat.com>
    Reviewed-by: Michal Privoznik <mprivozn@redhat.com>

Index: libvirt-7.1.0/src/storage/storage_driver.c
===================================================================
--- libvirt-7.1.0.orig/src/storage/storage_driver.c
+++ libvirt-7.1.0/src/storage/storage_driver.c
@@ -1739,8 +1739,10 @@ storagePoolLookupByTargetPath(virConnect
                                            storagePoolLookupByTargetPathCallback,
                                            cleanpath))) {
         def = virStoragePoolObjGetDef(obj);
-        if (virStoragePoolLookupByTargetPathEnsureACL(conn, def) < 0)
+        if (virStoragePoolLookupByTargetPathEnsureACL(conn, def) < 0) {
+            virStoragePoolObjEndAPI(&obj);
             return NULL;
+        }
 
         pool = virGetStoragePool(conn, def->name, def->uuid, NULL, NULL);
         virStoragePoolObjEndAPI(&obj);

xxxxxxxxxx
 
commit 447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87
Author: Peter Krempa <pkrempa@redhat.com>
Date:   Wed Jul 21 11:22:25 2021 +0200
​
    storage_driver: Unlock object on ACL fail in storagePoolLookupByTargetPath
    
    'virStoragePoolObjListSearch' returns a locked and refed object, thus we
    must release it on ACL permission failure.
    
    Fixes: 7aa0e8c0cb8
    Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1984318
    Signed-off-by: Peter Krempa <pkrempa@redhat.com>
    Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
​
Index: libvirt-7.1.0/src/storage/storage_driver.c
===================================================================
--- libvirt-7.1.0.orig/src/storage/storage_driver.c
+++ libvirt-7.1.0/src/storage/storage_driver.c
@@ -1739,8 +1739,10 @@ storagePoolLookupByTargetPath(virConnect
                                            storagePoolLookupByTargetPathCallback,
                                            cleanpath))) {
         def = virStoragePoolObjGetDef(obj);
-        if (virStoragePoolLookupByTargetPathEnsureACL(conn, def) < 0)
+        if (virStoragePoolLookupByTargetPathEnsureACL(conn, def) < 0) {
+            virStoragePoolObjEndAPI(&obj);
             return NULL;
+        }
 
         pool = virGetStoragePool(conn, def->name, def->uuid, NULL, NULL);
         virStoragePoolObjEndAPI(&obj);
​

Places

File 447f69de-CVE-2021-3667.patch of Package libvirt

Places