Commit bc3a78f61a2aaac3 erroneously removed the return value check from
virStorageSourceNewFromBacking. In cases where, e.g., we can't parse the
backing store string, this leads to a crash:

 #0  virStorageSourceGetActualType (def=0x0) at 
../../../libvirt/src/conf/storage_source_conf.c:1014
 #1  0x00007ffff7cee4f9 in virStorageSourceIsLocalStorage (src=<optimized out>) 
at ../../../libvirt/src/conf/storage_source_conf.c:1026
 #2  0x00007ffff455c97c in storageBackendProbeTarget 
(encryption=0x7fff9c122ce8, target=0x7fff9c122c68) at 
../../../libvirt/src/storage/storage_util.c:3443
 #3  virStorageBackendRefreshVolTargetUpdate (vol=0x7fff9c122c30) at 
../../../libvirt/src/storage/storage_util.c:3519
 #4  0x00007ffff455cdc0 in virStorageBackendRefreshLocal (pool=0x7fff9c010ea0) 
at ../../../libvirt/src/storage/storage_util.c:3593
 #5  0x00007ffff454f0a1 in storagePoolRefreshImpl
    (backend=backend@entry=0x7ffff4711180 <virStorageBackendDirectory>, 
obj=obj@entry=0x7fff9c010ea0, stateFile=stateFile@entry=0x7fff9c111a90 
"/var/run/libvirt/storage/tmp.xml") at 
../../../libvirt/src/storage/storage_driver.c:103
 #6  0x00007ffff4550ea5 in storagePoolUpdateStateCallback (obj=0x7fff9c010ea0, 
opaque=<optimized out>) at ../../../libvirt/src/storage/storage_driver.c:165
 #7  0x00007ffff7cefef4 in virStoragePoolObjListForEachCb (payload=<optimized 
out>, name=<optimized out>, opaque=0x7fffc8a489c0)
    at ../../../libvirt/src/conf/virstorageobj.c:435
 #8  0x00007ffff7c03195 in virHashForEachSafe
    (table=<optimized out>, iter=iter@entry=0x7ffff7cefec0 
<virStoragePoolObjListForEachCb>, opaque=opaque@entry=0x7fffc8a489c0)
    at ../../../libvirt/src/util/virhash.c:414
 #9  0x00007ffff7cf0520 in virStoragePoolObjListForEach
    (pools=<optimized out>, iter=iter@entry=0x7ffff4550e10 
<storagePoolUpdateStateCallback>, opaque=opaque@entry=0x0)
    at ../../../libvirt/src/conf/virstorageobj.c:468
 #10 0x00007ffff454f43a in storagePoolUpdateAllState () at 
../../../libvirt/src/storage/storage_driver.c:184
 #11 storageStateInitialize (privileged=<optimized out>, root=<optimized out>, 
callback=<optimized out>, opaque=<optimized out>)
    at ../../../libvirt/src/storage/storage_driver.c:315
 #12 0x00007ffff7e10c04 in virStateInitialize
    (opaque=0x555555621820, callback=0x55555557b1d0 <daemonInhibitCallback>, 
root=0x0, mandatory=<optimized out>, privileged=true)
    at ../../../libvirt/src/libvirt.c:656
 #13 virStateInitialize
    (privileged=<optimized out>, mandatory=mandatory@entry=false, 
root=root@entry=0x0, callback=callback@entry=0x55555557b1d0 
<daemonInhibitCallback>, opaque=opaque@entry=0x555555621820) at 
../../../libvirt/src/libvirt.c:638
 #14 0x000055555557b230 in daemonRunStateInit (opaque=0x555555621820) at 
../../../libvirt/src/remote/remote_daemon.c:605
 #15 0x00007ffff7c46bb5 in virThreadHelper (data=<optimized out>) at 
../../../libvirt/src/util/virthread.c:233
 #16 0x00007ffff6e453f9 in start_thread () at /lib64/libpthread.so.0
 #17 0x00007ffff766fb53 in clone () at /lib64/libc.so

An invalid image can be easily created by:

$ qemu-img create -f qcow2 -F qcow2 -b 'json:{' -u img.qcow2 10M

Signed-off-by: Peter Krempa <pkre...@redhat.com>
---
 src/storage/storage_util.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c
index b5adb05826..e71715f908 100644
--- a/src/storage/storage_util.c
+++ b/src/storage/storage_util.c
@@ -3435,7 +3435,8 @@ storageBackendProbeTarget(virStorageSourcePtr target,
         return -1;

     if (meta->backingStoreRaw) {
-        virStorageSourceNewFromBacking(meta, &target->backingStore);
+        if (virStorageSourceNewFromBacking(meta, &target->backingStore) < 0)
+            return -1;

         /* XXX: Remote storage doesn't play nicely with volumes backed by
          * remote storage. To avoid trouble, just fake the backing store is RAW
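Review bot: The restored guard in storageBackendProbeTarget rejects only a negative return, so it is worth confirming that every non-negative return from virStorageSourceNewFromBacking leaves `target->backingStore` non-NULL; the backtrace in the description shows a NULL `def` reaching virStorageSourceIsLocalStorage from this function a few lines further down. If the helper's contract does not guarantee that, an explicit `if (!target->backingStore) return -1;` after the call would keep the NULL dereference from coming back. The backing store string is read from the image file itself and should be treated as untrusted input: the `return -1` presumably propagates up through virStorageBackendRefreshLocal, so check that one malformed image in a pool directory only skips that volume rather than failing the whole pool refresh at daemon start. A regression test built from the `json:{` image in the description would pin the fix. The function body starts and ends outside this hunk.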
-- 
2.29.2
