57023c0 CVE-2014-8131: Fix possible deadlock and segfault in qemuConnectGetAllDomainStats()

Authored and Committed by mkletzan 9 years ago
    CVE-2014-8131: Fix possible deadlock and segfault in qemuConnectGetAllDomainStats()
    
    When user doesn't have read access on one of the domains he requested,
    the for loop could exit abruptly or continue and override pointer which
    pointed to locked object.
    
    This patch fixed two issues at once.  One is that domflags might have
    had QEMU_DOMAIN_STATS_HAVE_JOB even when there was no job started (this
    is fixed by doing domflags |= QEMU_DOMAIN_STATS_HAVE_JOB only when the
    job was acquired and cleaning domflags on every start of the loop.
    Second one is that the domain is kept locked when
    virConnectGetAllDomainStatsCheckACL() fails and continues the loop when
    it didn't end.  Adding a simple virObjectUnlock() and clearing the
    pointer ought to do.
    
    Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
    
        
file modified
+13 -7