From: Michal Privoznik <mpriv...@redhat.com>
Inside of get_files() there are two cases where vah_add_file() is
not checked for its retval. This is possibly dangerous, because
vah_add_file() might fail. Fix those places by introducing checks
for the retval.
Signed-off-by: Michal Privoznik <mpriv...@redhat.com>
---
src/security/virt-aa-helper.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 2ea4b47fa5..7748a0d19b 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -1022,15 +1022,17 @@ get_files(vahControl * ctl)
const char *rendernode = virDomainGraphicsGetRenderNode(graphics);
if (rendernode) {
- vah_add_file(&buf, rendernode, "rw");
+ if (vah_add_file(&buf, rendernode, "rw") != 0)
+ goto cleanup;
needsgl = true;
} else {
if (virDomainGraphicsNeedsAutoRenderNode(graphics)) {
g_autofree char *defaultRenderNode = virHostGetDRMRenderNode();
needsgl = true;
- if (defaultRenderNode) {
- vah_add_file(&buf, defaultRenderNode, "rw");
+ if (defaultRenderNode &&
+ vah_add_file(&buf, defaultRenderNode, "rw") != 0) {
+ goto cleanup;
}
}
}
--
2.49.0
