| Message ID | 20201117163045.307451-2-kwolf@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | authz: Add missing NULL checks | expand |
On Tue, Nov 17, 2020 at 05:30:44PM +0100, Kevin Wolf wrote: > If the 'service' property is not set, we'll call pam_start() with a NULL > pointer for the service name. This fails and leaves a message like this > in the syslog: > > qemu-storage-daemon[294015]: PAM pam_start: invalid argument: service == NULL > > Make specifying the property mandatory and catch the error already > during the creation of the object. > > Signed-off-by: Kevin Wolf <kwolf@redhat.com> > --- > authz/pamacct.c | 6 ++++++ > 1 file changed, 6 insertions(+) Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Regards, Daniel
On 11/17/20 5:30 PM, Kevin Wolf wrote: > If the 'service' property is not set, we'll call pam_start() with a NULL > pointer for the service name. This fails and leaves a message like this > in the syslog: > > qemu-storage-daemon[294015]: PAM pam_start: invalid argument: service == NULL > > Make specifying the property mandatory and catch the error already > during the creation of the object. > > Signed-off-by: Kevin Wolf <kwolf@redhat.com> > --- > authz/pamacct.c | 6 ++++++ > 1 file changed, 6 insertions(+) Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
diff --git a/authz/pamacct.c b/authz/pamacct.c index e67195f7be..c862d9ff39 100644 --- a/authz/pamacct.c +++ b/authz/pamacct.c @@ -84,6 +84,12 @@ qauthz_pam_prop_get_service(Object *obj, static void qauthz_pam_complete(UserCreatable *uc, Error **errp) { + QAuthZPAM *pauthz = QAUTHZ_PAM(uc); + + if (!pauthz->service) { + error_setg(errp, "The 'service' property must be set"); + return; + } }
If the 'service' property is not set, we'll call pam_start() with a NULL pointer for the service name. This fails and leaves a message like this in the syslog: qemu-storage-daemon[294015]: PAM pam_start: invalid argument: service == NULL Make specifying the property mandatory and catch the error already during the creation of the object. Signed-off-by: Kevin Wolf <kwolf@redhat.com> --- authz/pamacct.c | 6 ++++++ 1 file changed, 6 insertions(+)