summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKevin Wolf2020-11-17 17:30:45 +0100
committerDaniel P. Berrangé2020-11-18 11:51:35 +0100
commitc2aa8a3d7e5ce57fa3df310c9b7ca48fcbf9d4ad (patch)
tree6f7e285c4d3140958971600005fa94fdffba5304
parentauthz-pam: Check that 'service' property is set (diff)
downloadqemu-c2aa8a3d7e5ce57fa3df310c9b7ca48fcbf9d4ad.tar.gz
qemu-c2aa8a3d7e5ce57fa3df310c9b7ca48fcbf9d4ad.tar.xz
qemu-c2aa8a3d7e5ce57fa3df310c9b7ca48fcbf9d4ad.zip
authz-simple: Check that 'identity' property is set
If the 'identify' property is not set, we'll pass a NULL pointer to g_str_equal() and crash. Catch the error condition during the creation of the object. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
-rw-r--r--authz/simple.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/authz/simple.c b/authz/simple.c
index 18db0355f4..0597dcd8ea 100644
--- a/authz/simple.c
+++ b/authz/simple.c
@@ -66,10 +66,24 @@ qauthz_simple_finalize(Object *obj)
static void
+qauthz_simple_complete(UserCreatable *uc, Error **errp)
+{
+ QAuthZSimple *sauthz = QAUTHZ_SIMPLE(uc);
+
+ if (!sauthz->identity) {
+ error_setg(errp, "The 'identity' property must be set");
+ return;
+ }
+}
+
+
+static void
qauthz_simple_class_init(ObjectClass *oc, void *data)
{
QAuthZClass *authz = QAUTHZ_CLASS(oc);
+ UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc);
+ ucc->complete = qauthz_simple_complete;
authz->is_allowed = qauthz_simple_is_allowed;
object_class_property_add_str(oc, "identity",