File 447f69de-CVE-2021-3667.patch of Package libvirt.33143
commit 447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87
Author: Peter Krempa <pkrempa@redhat.com>
Date: Wed Jul 21 11:22:25 2021 +0200
storage_driver: Unlock object on ACL fail in storagePoolLookupByTargetPath
'virStoragePoolObjListSearch' returns a locked and refed object, thus we
must release it on ACL permission failure.
Fixes: 7aa0e8c0cb8
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1984318
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Index: libvirt-7.1.0/src/storage/storage_driver.c
===================================================================
--- libvirt-7.1.0.orig/src/storage/storage_driver.c
+++ libvirt-7.1.0/src/storage/storage_driver.c
@@ -1739,8 +1739,10 @@ storagePoolLookupByTargetPath(virConnect
storagePoolLookupByTargetPathCallback,
cleanpath))) {
def = virStoragePoolObjGetDef(obj);
- if (virStoragePoolLookupByTargetPathEnsureACL(conn, def) < 0)
+ if (virStoragePoolLookupByTargetPathEnsureACL(conn, def) < 0) {
+ virStoragePoolObjEndAPI(&obj);
return NULL;
+ }
pool = virGetStoragePool(conn, def->name, def->uuid, NULL, NULL);
virStoragePoolObjEndAPI(&obj);
