External/libvirt
1
0
Fork 0
Code

virNetSSHSessionAuthAddPasswordAuth: Don't access unlocked 'sess'

Browse Source 
'sess->authPath' is modified before locking the 'sess' object.
Additionally on failure of 'virAuthGetConfigFilePathURI' 'sess' would be
unlocked even when it was not yet locked.

Fixes: 273745b43122a77adf8c73b2e0a852ac42387349
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
Peter Krempa 2023-01-23 16:40:00 +01:00
parent c97b632283
commit 6aed6becec
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/rpc/virnetsshsession.c
View File

@ -970,15 +970,17 @@ virNetSSHSessionAuthAddPasswordAuth(virNetSSHSession *sess,
{ {
virNetSSHAuthMethod *auth; virNetSSHAuthMethod *auth;
virObjectLock(sess);
if (uri) { if (uri) {
VIR_FREE(sess->authPath); VIR_FREE(sess->authPath);
if (virAuthGetConfigFilePathURI(uri, &sess->authPath) < 0) if (virAuthGetConfigFilePathURI(uri, &sess->authPath) < 0) {
goto error; virObjectUnlock(sess);
return -1;
}
} }
virObjectLock(sess);
if (!(auth = virNetSSHSessionAuthMethodNew(sess))) if (!(auth = virNetSSHSessionAuthMethodNew(sess)))
goto error; goto error;