From ad886fa6c8ebc321a0386a75c187d315111cf1f3 Mon Sep 17 00:00:00 2001
From: Peter Krempa <pkrempa@redhat.com>
Date: Mar 25 2015 12:37:41 +0000
Subject: util: identity: Harden virIdentitySetCurrent()


Don't unref the old identity unless we set the new one correctly and
unref the new one on failure to set it so that we don't leak any
references or use invalid pointers.

---

diff --git a/src/util/viridentity.c b/src/util/viridentity.c
index 6f3baee..9b8ba4a 100644
--- a/src/util/viridentity.c
+++ b/src/util/viridentity.c
@@ -111,15 +111,17 @@ int virIdentitySetCurrent(virIdentityPtr ident)
         return -1;
 
     old = virThreadLocalGet(&virIdentityCurrent);
-    virObjectUnref(old);
 
     if (virThreadLocalSet(&virIdentityCurrent,
                           virObjectRef(ident)) < 0) {
         virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
                        _("Unable to set thread local identity"));
+        virObjectUnref(ident);
         return -1;
     }
 
+    virObjectUnref(old);
+
     return 0;
 }