External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-03 03:25:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

virNetSSHSessionAuthAddPasswordAuth: Don't access unlocked 'sess'

Browse Source 
'sess->authPath' is modified before locking the 'sess' object.
Additionally on failure of 'virAuthGetConfigFilePathURI' 'sess' would be
unlocked even when it was not yet locked.

Fixes: 273745b431
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
Peter Krempa 2023-01-23 16:40:00 +01:00
parent c97b632283
commit 6aed6becec
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/rpc/virnetsshsession.c
View File

@ -970,14 +970,16 @@ virNetSSHSessionAuthAddPasswordAuth(virNetSSHSession *sess,
{
virNetSSHAuthMethod *auth;
virObjectLock(sess);
if (uri) {
VIR_FREE(sess->authPath);
if (virAuthGetConfigFilePathURI(uri, &sess->authPath) < 0)
goto error;
if (virAuthGetConfigFilePathURI(uri, &sess->authPath) < 0) {
virObjectUnlock(sess);
return -1;
}
}
virObjectLock(sess);
if (!(auth = virNetSSHSessionAuthMethodNew(sess)))
goto error;