d71922
From 58235a6cc62f33a6934d214e967b6ef879a77ec0 Mon Sep 17 00:00:00 2001
d71922
Message-Id: <58235a6cc62f33a6934d214e967b6ef879a77ec0@dist-git>
d71922
From: Michal Privoznik <mprivozn@redhat.com>
d71922
Date: Tue, 16 Feb 2016 11:55:12 +0100
d71922
Subject: [PATCH] dbus: Don't unref NULL messages
d71922
d71922
https://bugzilla.redhat.com/show_bug.cgi?id=1308494
d71922
d71922
Apparently we are not the only ones with dumb free functions
d71922
because dbus_message_unref() does not accept NULL either. But if
d71922
I were to vote, this one is even more evil. Instead of returning
d71922
an error just like we do it immediately dereference any pointer
d71922
passed and thus crash you app. Well done DBus!
d71922
d71922
  Program received signal SIGSEGV, Segmentation fault.
d71922
  [Switching to Thread 0x7f878ebda700 (LWP 31264)]
d71922
  0x00007f87be4016e5 in ?? () from /usr/lib64/libdbus-1.so.3
d71922
  (gdb) bt
d71922
  #0  0x00007f87be4016e5 in ?? () from /usr/lib64/libdbus-1.so.3
d71922
  #1  0x00007f87be3f004e in dbus_message_unref () from /usr/lib64/libdbus-1.so.3
d71922
  #2  0x00007f87bf6ecf95 in virSystemdGetMachineNameByPID (pid=9849) at util/virsystemd.c:228
d71922
  #3  0x00007f879761bd4d in qemuConnectCgroup (driver=0x7f87600a32a0, vm=0x7f87600c7550) at qemu/qemu_cgroup.c:909
d71922
  #4  0x00007f87976386b7 in qemuProcessReconnect (opaque=0x7f87600db840) at qemu/qemu_process.c:3386
d71922
  #5  0x00007f87bf6edfff in virThreadHelper (data=0x7f87600d5580) at util/virthread.c:206
d71922
  #6  0x00007f87bb602334 in start_thread (arg=0x7f878ebda700) at pthread_create.c:333
d71922
  #7  0x00007f87bb3481bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
d71922
  (gdb) frame 2
d71922
  #2  0x00007f87bf6ecf95 in virSystemdGetMachineNameByPID (pid=9849) at util/virsystemd.c:228
d71922
  228         dbus_message_unref(reply);
d71922
  (gdb) p reply
d71922
  $1 = (DBusMessage *) 0x0
d71922
d71922
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
d71922
(cherry picked from commit 862298a2e7bef059b73f477e8a88d403c523e10b)
d71922
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
d71922
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
d71922
---
d71922
 src/libvirt_private.syms |  1 +
d71922
 src/rpc/virnetdaemon.c   |  4 ++--
d71922
 src/util/virdbus.c       | 14 +++++++-------
d71922
 src/util/virdbus.h       |  1 -
d71922
 src/util/virfirewall.c   |  3 +--
d71922
 src/util/virsystemd.c    |  2 +-
d71922
 tests/virdbustest.c      | 20 ++++++++++----------
d71922
 tests/virfirewalltest.c  |  3 +--
d71922
 tests/virpolkittest.c    |  2 +-
d71922
 tests/virsystemdtest.c   |  3 ++-
d71922
 10 files changed, 26 insertions(+), 27 deletions(-)
d71922
d71922
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
d71922
index 4ad9266..86909c1 100644
d71922
--- a/src/libvirt_private.syms
d71922
+++ b/src/libvirt_private.syms
d71922
@@ -1348,6 +1348,7 @@ virDBusHasSystemBus;
d71922
 virDBusMessageDecode;
d71922
 virDBusMessageEncode;
d71922
 virDBusMessageRead;
d71922
+virDBusMessageUnref;
d71922
 virDBusSetSharedBus;
d71922
 
d71922
 
d71922
diff --git a/src/rpc/virnetdaemon.c b/src/rpc/virnetdaemon.c
d71922
index 910f266..18c962c 100644
d71922
--- a/src/rpc/virnetdaemon.c
d71922
+++ b/src/rpc/virnetdaemon.c
d71922
@@ -374,7 +374,7 @@ virNetDaemonGotInhibitReply(DBusPendingCall *pending,
d71922
             VIR_FORCE_CLOSE(fd);
d71922
         }
d71922
     }
d71922
-    dbus_message_unref(reply);
d71922
+    virDBusMessageUnref(reply);
d71922
 
d71922
  cleanup:
d71922
     virObjectUnlock(dmn);
d71922
@@ -426,7 +426,7 @@ virNetDaemonCallInhibit(virNetDaemonPtr dmn,
d71922
                                      dmn, NULL);
d71922
         dmn->autoShutdownCallingInhibit = true;
d71922
     }
d71922
-    dbus_message_unref(message);
d71922
+    virDBusMessageUnref(message);
d71922
 }
d71922
 #endif
d71922
 
d71922
diff --git a/src/util/virdbus.c b/src/util/virdbus.c
d71922
index 1cf1eef..a34e845 100644
d71922
--- a/src/util/virdbus.c
d71922
+++ b/src/util/virdbus.c
d71922
@@ -1394,7 +1394,7 @@ int virDBusCreateMethodV(DBusMessage **call,
d71922
     }
d71922
 
d71922
     if (virDBusMessageEncodeArgs(*call, types, args) < 0) {
d71922
-        dbus_message_unref(*call);
d71922
+        virDBusMessageUnref(*call);
d71922
         *call = NULL;
d71922
         goto cleanup;
d71922
     }
d71922
@@ -1463,7 +1463,7 @@ int virDBusCreateReplyV(DBusMessage **reply,
d71922
     }
d71922
 
d71922
     if (virDBusMessageEncodeArgs(*reply, types, args) < 0) {
d71922
-        dbus_message_unref(*reply);
d71922
+        virDBusMessageUnref(*reply);
d71922
         *reply = NULL;
d71922
         goto cleanup;
d71922
     }
d71922
@@ -1582,7 +1582,7 @@ virDBusCall(DBusConnection *conn,
d71922
         if (ret == 0 && replyout)
d71922
             *replyout = reply;
d71922
         else
d71922
-            dbus_message_unref(reply);
d71922
+            virDBusMessageUnref(reply);
d71922
     }
d71922
     return ret;
d71922
 }
d71922
@@ -1646,8 +1646,7 @@ int virDBusCallMethod(DBusConnection *conn,
d71922
     ret = virDBusCall(conn, call, replyout, error);
d71922
 
d71922
  cleanup:
d71922
-    if (call)
d71922
-        dbus_message_unref(call);
d71922
+    virDBusMessageUnref(call);
d71922
     return ret;
d71922
 }
d71922
 
d71922
@@ -1723,7 +1722,7 @@ static int virDBusIsServiceInList(const char *listMethod, const char *name)
d71922
     }
d71922
 
d71922
  cleanup:
d71922
-    dbus_message_unref(reply);
d71922
+    virDBusMessageUnref(reply);
d71922
     return ret;
d71922
 }
d71922
 
d71922
@@ -1759,7 +1758,8 @@ int virDBusIsServiceRegistered(const char *name)
d71922
 
d71922
 void virDBusMessageUnref(DBusMessage *msg)
d71922
 {
d71922
-    dbus_message_unref(msg);
d71922
+    if (msg)
d71922
+        dbus_message_unref(msg);
d71922
 }
d71922
 
d71922
 #else /* ! WITH_DBUS */
d71922
diff --git a/src/util/virdbus.h b/src/util/virdbus.h
d71922
index 9e86538..86b4223 100644
d71922
--- a/src/util/virdbus.h
d71922
+++ b/src/util/virdbus.h
d71922
@@ -28,7 +28,6 @@
d71922
 # else
d71922
 #  define DBusConnection void
d71922
 #  define DBusMessage void
d71922
-#  define dbus_message_unref(m) do {} while (0)
d71922
 # endif
d71922
 # include "internal.h"
d71922
 
d71922
diff --git a/src/util/virfirewall.c b/src/util/virfirewall.c
d71922
index a972c05..f26fd86 100644
d71922
--- a/src/util/virfirewall.c
d71922
+++ b/src/util/virfirewall.c
d71922
@@ -822,8 +822,7 @@ virFirewallApplyRuleFirewallD(virFirewallRulePtr rule,
d71922
 
d71922
  cleanup:
d71922
     virResetError(&error);
d71922
-    if (reply)
d71922
-        dbus_message_unref(reply);
d71922
+    virDBusMessageUnref(reply);
d71922
     return ret;
d71922
 }
d71922
 
d71922
diff --git a/src/util/virsystemd.c b/src/util/virsystemd.c
d71922
index 7bc5d55..08fd6bb 100644
d71922
--- a/src/util/virsystemd.c
d71922
+++ b/src/util/virsystemd.c
d71922
@@ -225,7 +225,7 @@ virSystemdGetMachineNameByPID(pid_t pid)
d71922
 
d71922
  cleanup:
d71922
     VIR_FREE(object);
d71922
-    dbus_message_unref(reply);
d71922
+    virDBusMessageUnref(reply);
d71922
 
d71922
     return name;
d71922
 }
d71922
diff --git a/tests/virdbustest.c b/tests/virdbustest.c
d71922
index 4ec3c0d..1622b03 100644
d71922
--- a/tests/virdbustest.c
d71922
+++ b/tests/virdbustest.c
d71922
@@ -121,7 +121,7 @@ static int testMessageSimple(const void *args ATTRIBUTE_UNUSED)
d71922
     VIR_FREE(out_string);
d71922
     VIR_FREE(out_signature);
d71922
     VIR_FREE(out_objectpath);
d71922
-    dbus_message_unref(msg);
d71922
+    virDBusMessageUnref(msg);
d71922
     return ret;
d71922
 }
d71922
 
d71922
@@ -171,7 +171,7 @@ static int testMessageVariant(const void *args ATTRIBUTE_UNUSED)
d71922
  cleanup:
d71922
     VIR_FREE(out_str1);
d71922
     VIR_FREE(out_str2);
d71922
-    dbus_message_unref(msg);
d71922
+    virDBusMessageUnref(msg);
d71922
     return ret;
d71922
 }
d71922
 
d71922
@@ -230,7 +230,7 @@ static int testMessageArray(const void *args ATTRIBUTE_UNUSED)
d71922
  cleanup:
d71922
     VIR_FREE(out_str1);
d71922
     VIR_FREE(out_str2);
d71922
-    dbus_message_unref(msg);
d71922
+    virDBusMessageUnref(msg);
d71922
     return ret;
d71922
 }
d71922
 
d71922
@@ -274,7 +274,7 @@ static int testMessageEmptyArrayRef(const void *args ATTRIBUTE_UNUSED)
d71922
     ret = 0;
d71922
 
d71922
  cleanup:
d71922
-    dbus_message_unref(msg);
d71922
+    virDBusMessageUnref(msg);
d71922
     return ret;
d71922
 }
d71922
 
d71922
@@ -323,7 +323,7 @@ static int testMessageSingleArrayRef(const void *args ATTRIBUTE_UNUSED)
d71922
  cleanup:
d71922
     if (out_strv1)
d71922
         VIR_FREE(out_strv1[0]);
d71922
-    dbus_message_unref(msg);
d71922
+    virDBusMessageUnref(msg);
d71922
     return ret;
d71922
 }
d71922
 
d71922
@@ -436,7 +436,7 @@ static int testMessageArrayRef(const void *args ATTRIBUTE_UNUSED)
d71922
     for (i = 0; i < out_nstrv2; i++)
d71922
         VIR_FREE(out_strv2[i]);
d71922
     VIR_FREE(out_strv2);
d71922
-    dbus_message_unref(msg);
d71922
+    virDBusMessageUnref(msg);
d71922
     return ret;
d71922
 }
d71922
 
d71922
@@ -511,7 +511,7 @@ static int testMessageStruct(const void *args ATTRIBUTE_UNUSED)
d71922
     VIR_FREE(out_string);
d71922
     VIR_FREE(out_signature);
d71922
     VIR_FREE(out_objectpath);
d71922
-    dbus_message_unref(msg);
d71922
+    virDBusMessageUnref(msg);
d71922
     return ret;
d71922
 }
d71922
 
d71922
@@ -581,7 +581,7 @@ static int testMessageDict(const void *args ATTRIBUTE_UNUSED)
d71922
     VIR_FREE(out_key1);
d71922
     VIR_FREE(out_key2);
d71922
     VIR_FREE(out_key3);
d71922
-    dbus_message_unref(msg);
d71922
+    virDBusMessageUnref(msg);
d71922
     return ret;
d71922
 }
d71922
 
d71922
@@ -652,7 +652,7 @@ static int testMessageDictRef(const void *args ATTRIBUTE_UNUSED)
d71922
         VIR_FREE(out_strv1[5]);
d71922
     }
d71922
     VIR_FREE(out_strv1);
d71922
-    dbus_message_unref(msg);
d71922
+    virDBusMessageUnref(msg);
d71922
     return ret;
d71922
 }
d71922
 
d71922
@@ -695,7 +695,7 @@ static int testMessageEmptyDictRef(const void *args ATTRIBUTE_UNUSED)
d71922
     ret = 0;
d71922
 
d71922
  cleanup:
d71922
-    dbus_message_unref(msg);
d71922
+    virDBusMessageUnref(msg);
d71922
     return ret;
d71922
 }
d71922
 
d71922
diff --git a/tests/virfirewalltest.c b/tests/virfirewalltest.c
d71922
index 1f8d8f1..8f6fc9e 100644
d71922
--- a/tests/virfirewalltest.c
d71922
+++ b/tests/virfirewalltest.c
d71922
@@ -179,8 +179,7 @@ VIR_MOCK_WRAP_RET_ARGS(dbus_connection_send_with_reply_and_block,
d71922
     return reply;
d71922
 
d71922
  error:
d71922
-    if (reply)
d71922
-        dbus_message_unref(reply);
d71922
+    virDBusMessageUnref(reply);
d71922
     reply = NULL;
d71922
     if (error && !dbus_error_is_set(error))
d71922
         dbus_set_error_const(error,
d71922
diff --git a/tests/virpolkittest.c b/tests/virpolkittest.c
d71922
index cdf78f5..b39beed 100644
d71922
--- a/tests/virpolkittest.c
d71922
+++ b/tests/virpolkittest.c
d71922
@@ -140,7 +140,7 @@ VIR_MOCK_WRAP_RET_ARGS(dbus_connection_send_with_reply_and_block,
d71922
     return reply;
d71922
 
d71922
  error:
d71922
-    dbus_message_unref(reply);
d71922
+    virDBusMessageUnref(reply);
d71922
     return NULL;
d71922
 }
d71922
 
d71922
diff --git a/tests/virsystemdtest.c b/tests/virsystemdtest.c
d71922
index 46452dd..101f5e0 100644
d71922
--- a/tests/virsystemdtest.c
d71922
+++ b/tests/virsystemdtest.c
d71922
@@ -28,6 +28,7 @@
d71922
 # include <dbus/dbus.h>
d71922
 
d71922
 # include "virsystemd.h"
d71922
+# include "virdbus.h"
d71922
 # include "virlog.h"
d71922
 # include "virmock.h"
d71922
 # define VIR_FROM_THIS VIR_FROM_NONE
d71922
@@ -151,7 +152,7 @@ VIR_MOCK_WRAP_RET_ARGS(dbus_connection_send_with_reply_and_block,
d71922
     return reply;
d71922
 
d71922
  error:
d71922
-    dbus_message_unref(reply);
d71922
+    virDBusMessageUnref(reply);
d71922
     return NULL;
d71922
 }
d71922
 
d71922
-- 
d71922
2.7.2
d71922