[Qemu-commits] [qemu/qemu] 2b37e9: authz-list-file: Fix file read error

qemu-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-commits] [qemu/qemu] 2b37e9: authz-list-file: Fix file read error

From:	Peter Maydell
Subject:	[Qemu-commits] [qemu/qemu] 2b37e9: authz-list-file: Fix file read error handling
Date:	Wed, 18 Nov 2020 07:44:00 -0800

  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: 2b37e9f84372b5c98ef0ba114ce016953e47bc3c
      
https://github.com/qemu/qemu/commit/2b37e9f84372b5c98ef0ba114ce016953e47bc3c
  Author: Markus Armbruster <armbru@redhat.com>
  Date:   2020-11-18 (Wed, 18 Nov 2020)

  Changed paths:
    M authz/listfile.c

  Log Message:
  -----------
  authz-list-file: Fix file read error handling

The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL.  Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.

qauthz_list_file_complete() is wrong that way: it passes @errp to
qauthz_list_file_complete() without checking for failure.  If it runs
into another failure, it trips error_setv()'s assertion.  Reproducer:

    $ qemu-system-x86_64 -nodefaults -S -display none -object 
authz-list-file,id=authz0,filename=
    qemu-system-x86_64: ../util/error.c:59: error_setv: Assertion `*errp == 
NULL' failed.
    Aborted (core dumped)

Fix it to check for failure.

Fixes: 55d869846de802a16af1a50584c51737bd664387
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: 8e26ae7bb58d10c04599eabd265217da050514a4
      
https://github.com/qemu/qemu/commit/8e26ae7bb58d10c04599eabd265217da050514a4
  Author: Markus Armbruster <armbru@redhat.com>
  Date:   2020-11-18 (Wed, 18 Nov 2020)

  Changed paths:
    M authz/listfile.c

  Log Message:
  -----------
  authz-list-file: Improve an error message

When qauthz_list_file_load() rejects JSON values other than JSON
object with a rather confusing error message:

    $ echo 1 | qemu-system-x86_64 -nodefaults -S -display none  -object 
authz-list-file,id=authz0,filename=/dev/stdin
    qemu-system-x86_64: -object authz-list-file,id=authz0,filename=/dev/stdin: 
Invalid parameter type for 'obj', expected: dict

Improve to

    qemu-system-x86_64: -object authz-list-file,id=authz0,filename=/dev/stdin: 
File '/dev/stdin' must contain a JSON object

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: 3428455df9302b2b924e380cb90a77ca1ce5001e
      
https://github.com/qemu/qemu/commit/3428455df9302b2b924e380cb90a77ca1ce5001e
  Author: Kevin Wolf <kwolf@redhat.com>
  Date:   2020-11-18 (Wed, 18 Nov 2020)

  Changed paths:
    M authz/pamacct.c

  Log Message:
  -----------
  authz-pam: Check that 'service' property is set

If the 'service' property is not set, we'll call pam_start() with a NULL
pointer for the service name. This fails and leaves a message like this
in the syslog:

qemu-storage-daemon[294015]: PAM pam_start: invalid argument: service == NULL

Make specifying the property mandatory and catch the error already
during the creation of the object.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: c2aa8a3d7e5ce57fa3df310c9b7ca48fcbf9d4ad
      
https://github.com/qemu/qemu/commit/c2aa8a3d7e5ce57fa3df310c9b7ca48fcbf9d4ad
  Author: Kevin Wolf <kwolf@redhat.com>
  Date:   2020-11-18 (Wed, 18 Nov 2020)

  Changed paths:
    M authz/simple.c

  Log Message:
  -----------
  authz-simple: Check that 'identity' property is set

If the 'identify' property is not set, we'll pass a NULL pointer to
g_str_equal() and crash. Catch the error condition during the creation
of the object.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: b696f2c6ba8c92ffb5eca49b88a5c7276d0a3e1e
      
https://github.com/qemu/qemu/commit/b696f2c6ba8c92ffb5eca49b88a5c7276d0a3e1e
  Author: Peter Maydell <peter.maydell@linaro.org>
  Date:   2020-11-18 (Wed, 18 Nov 2020)

  Changed paths:
    M authz/listfile.c
    M authz/pamacct.c
    M authz/simple.c

  Log Message:
  -----------
  Merge remote-tracking branch 
'remotes/berrange-gitlab/tags/misc-fixes-pull-request' into staging

Misc error reporting and checking fixes to authorization objects

# gpg: Signature made Wed 18 Nov 2020 12:48:53 GMT
# gpg:                using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* remotes/berrange-gitlab/tags/misc-fixes-pull-request:
  authz-simple: Check that 'identity' property is set
  authz-pam: Check that 'service' property is set
  authz-list-file: Improve an error message
  authz-list-file: Fix file read error handling

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>


Compare: https://github.com/qemu/qemu/compare/269ff671c593...b696f2c6ba8c

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-commits] [qemu/qemu] 2b37e9: authz-list-file: Fix file read error handling, Peter Maydell, 2020/11/18
- [Qemu-commits] [qemu/qemu] 2b37e9: authz-list-file: Fix file read error handling, Peter Maydell <=

Prev by Date: [Qemu-commits] [qemu/qemu] 933c8f: meson: Fix argument for makensis (build regression)
Next by Date: [Qemu-commits] [qemu/qemu] 6d2479: Revert series "spapr/xive: Allocate vCPU IPIs from...
Previous by thread: [Qemu-commits] [qemu/qemu] 2b37e9: authz-list-file: Fix file read error handling
Next by thread: [Qemu-commits] [qemu/qemu] 933c8f: meson: Fix argument for makensis (build regression)
Index(es):
- Date
- Thread