File CVE-2010-223x-0004.patch of Package libvirt

>From 7b2c30d0af7938df533b85e948918cfdff2e5f01 Mon Sep 17 00:00:00 2001
From: Daniel P. Berrange <berrange@redhat.com>
Date: Tue, 15 Jun 2010 16:15:51 +0100
Subject: [PATCH 04/10] Require format to be passed into virStorageFileGetMetadata

Require the disk image to be passed into virStorageFileGetMetadata.
If this is set to VIR_STORAGE_FILE_AUTO, then the format will be
resolved using probing. This makes it easier to control when
probing will be used

* src/qemu/qemu_driver.c, src/security/security_selinux.c,
  src/security/virt-aa-helper.c:
  Set VIR_STORAGE_FILE_AUTO when calling virStorageFileGetMetadata.
* src/storage/storage_backend_fs.c: Probe for disk format before
  caling virStorageFileGetMetadata.
* src/util/storage_file.h, src/util/storage_file.c: Remove format
  from virStorageFileMeta struct & require it to be passed into
  method.
---
 src/qemu/qemu_driver.c           |   27 +++++++++++++++++++++++----
 src/security/security_selinux.c  |    4 +++-
 src/security/virt-aa-helper.c    |    4 +++-
 src/storage/storage_backend_fs.c |   11 ++++++++---
 src/util/storage_file.c          |   15 ++++++++++++---
 src/util/storage_file.h          |    3 ++-
 7 files changed, 54 insertions(+), 14 deletions(-)

Index: libvirt-0.7.2/src/security/security_selinux.c
===================================================================
--- libvirt-0.7.2.orig/src/security/security_selinux.c
+++ libvirt-0.7.2/src/security/security_selinux.c
@@ -417,7 +417,10 @@ SELinuxSetSecurityImageLabel(virConnectP
 
         memset(&meta, 0, sizeof(meta));
 
-        ret = virStorageFileGetMetadata(conn, path, &meta);
+        ret = virStorageFileGetMetadata(conn,
+                                        path,
+                                        VIR_STORAGE_FILE_AUTO,
+                                        &meta);
 
         if (path != disk->src)
             VIR_FREE(path);
Index: libvirt-0.7.2/src/storage/storage_backend_fs.c
===================================================================
--- libvirt-0.7.2.orig/src/storage/storage_backend_fs.c
+++ libvirt-0.7.2/src/storage/storage_backend_fs.c
@@ -78,14 +78,19 @@ virStorageBackendProbeTarget(virConnectP
 
     memset(&meta, 0, sizeof(meta));
 
-    if (virStorageFileGetMetadataFromFD(conn, target->path, fd, &meta) < 0) {
+    if ((target->format = virStorageFileProbeFormatFromFD(conn, target->path, fd)) < 0) {
         close(fd);
         return -1;
     }
 
-    close(fd);
+    if (virStorageFileGetMetadataFromFD(conn, target->path, fd,
+                                        target->format,
+                                        &meta) < 0) {
+        close(fd);
+        return -1;
+    }
 
-    target->format = meta.format;
+    close(fd);
 
     if (backingStore) {
         *backingStore = meta.backingStore;
Index: libvirt-0.7.2/src/util/storage_file.c
===================================================================
--- libvirt-0.7.2.orig/src/util/storage_file.c
+++ libvirt-0.7.2/src/util/storage_file.c
@@ -668,6 +668,7 @@ int
 virStorageFileGetMetadataFromFD(virConnectPtr conn,
                                 const char *path,
                                 int fd,
+                                int format,
                                 virStorageFileMetadata *meta)
 {
     unsigned char head[20*512]; /* vmdk4GetBackingStore needs this much. */
@@ -685,9 +686,16 @@ virStorageFileGetMetadataFromFD(virConne
         return -1;
     }
 
-    meta->format = virStorageFileProbeFormatFromBuf(path, head, len);
+    if (format == VIR_STORAGE_FILE_AUTO)
+        format = virStorageFileProbeFormatFromBuf(path, head, len);
 
-    return virStorageFileGetMetadataFromBuf(conn, meta->format, path, head, len, meta);
+    if (format < 0 ||
+        format >= VIR_STORAGE_FILE_LAST) {
+        virReportSystemError(conn, EINVAL, _("unknown storage file format %d"), format);
+        return -1;
+    }
+
+    return virStorageFileGetMetadataFromBuf(conn, format, path, head, len, meta);
 }
 
 /**
@@ -704,6 +712,7 @@ virStorageFileGetMetadataFromFD(virConne
 int
 virStorageFileGetMetadata(virConnectPtr conn,
                           const char *path,
+                          int format,
                           virStorageFileMetadata *meta)
 {
     int fd, ret;
@@ -713,7 +722,7 @@ virStorageFileGetMetadata(virConnectPtr
         return -1;
     }
 
-    ret = virStorageFileGetMetadataFromFD(conn, path, fd, meta);
+    ret = virStorageFileGetMetadataFromFD(conn, path, fd, format, meta);
 
     close(fd);
 
Index: libvirt-0.7.2/src/util/storage_file.h
===================================================================
--- libvirt-0.7.2.orig/src/util/storage_file.h
+++ libvirt-0.7.2/src/util/storage_file.h
@@ -61,10 +61,12 @@ int virStorageFileProbeFormatFromFD(virC
 
 int virStorageFileGetMetadata(virConnectPtr conn,
                               const char *path,
+                              int format,
                               virStorageFileMetadata *meta);
 int virStorageFileGetMetadataFromFD(virConnectPtr conn,
                                     const char *path,
                                     int fd,
+                                    int format,
                                     virStorageFileMetadata *meta);
 
 #endif /* __VIR_STORAGE_FILE_H__ */