File b7ff9e69-CVE-2012-4423.patch of Package libvirt.openSUSE_12.1_Update

commit c84053c2ab1c9a9b1d798285373a2572ee37aa92
Author: Martin Kletzander <mkletzan@redhat.com>
Date:   Wed Sep 12 23:43:26 2012 +0200

    security: Fix libvirtd crash possibility
    
    Fix for CVE-2012-4423.
    
    When generating RPC protocol messages, it's strictly needed to have a
    continuous line of numbers or RPC messages. However in case anyone
    tries backporting some functionality and will skip a number, there is
    a possibility to make the daemon segfault with newer virsh (version of
    the library, rpc call, etc.) even unintentionally.
    
    The problem is that the skipped numbers will get func filled with
    NULLs, but there is no check whether these are set before the daemon
    tries to run them. This patch very simply enhances one check and fixes
    that.
    (cherry picked from commit b7ff9e696063189a715802d081d55a398663c15a)

Index: libvirt-0.9.6/src/rpc/virnetserverprogram.c
===================================================================
--- libvirt-0.9.6.orig/src/rpc/virnetserverprogram.c
+++ libvirt-0.9.6/src/rpc/virnetserverprogram.c
@@ -1,7 +1,7 @@
 /*
  * virnetserverprogram.c: generic network RPC server program
  *
- * Copyright (C) 2006-2011 Red Hat, Inc.
+ * Copyright (C) 2006-2012 Red Hat, Inc.
  * Copyright (C) 2006 Daniel P. Berrange
  *
  * This library is free software; you can redistribute it and/or
@@ -100,12 +100,19 @@ int virNetServerProgramMatches(virNetSer
 static virNetServerProgramProcPtr virNetServerProgramGetProc(virNetServerProgramPtr prog,
                                                              int procedure)
 {
+    virNetServerProgramProcPtr proc;
+
     if (procedure < 0)
         return NULL;
     if (procedure >= prog->nprocs)
         return NULL;
 
-    return &prog->procs[procedure];
+    proc = &prog->procs[procedure];
+
+    if (!proc->func)
+        return NULL;
+
+    return proc;
 }
 
 unsigned int