render / rpms / libvirt

Forked from rpms/libvirt 10 months ago
Clone
Blob Blame History Raw
From 00cc1b75dd5933bc68236ebc417fc816c4f45651 Mon Sep 17 00:00:00 2001
Message-Id: <00cc1b75dd5933bc68236ebc417fc816c4f45651@dist-git>
From: Michal Privoznik <mprivozn@redhat.com>
Date: Fri, 5 Aug 2016 16:34:37 +0200
Subject: [PATCH] lxcDomainCreateXMLWithFiles: Avoid crash

https://bugzilla.redhat.com/show_bug.cgi?id=1363773

Imagine that you're creating a transient domain, but for some reason,
starting it fails. That is virLXCProcessStart() returns an error. With
current code, in the error handling code the domain object is removed
from the domain object list, @vm is set to NULL and controls jump to
enjob label where virLXCDomainObjEndJob() is called which dereference vm
leading to instant crash.

The fix is to end the job in the error handling code and only after that
remove the domain from the list and jump onto cleanup label instead of
endjob.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 5f5a5a42e5146336430b9284539d4bff3e8bb598)
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/lxc/lxc_driver.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index 80b7a5c..d47f215 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -1265,11 +1265,12 @@ lxcDomainCreateXMLWithFiles(virConnectPtr conn,
                            (flags & VIR_DOMAIN_START_AUTODESTROY),
                            VIR_DOMAIN_RUNNING_BOOTED) < 0) {
         virDomainAuditStart(vm, "booted", false);
+        virLXCDomainObjEndJob(driver, vm);
         if (!vm->persistent) {
             virDomainObjListRemove(driver->domains, vm);
             vm = NULL;
         }
-        goto endjob;
+        goto cleanup;
     }
 
     event = virDomainEventLifecycleNewFromObj(vm,
@@ -1281,7 +1282,6 @@ lxcDomainCreateXMLWithFiles(virConnectPtr conn,
     if (dom)
         dom->id = vm->def->id;
 
- endjob:
     virLXCDomainObjEndJob(driver, vm);
 
  cleanup:
-- 
2.9.2