From c2aa8a3d7e5ce57fa3df310c9b7ca48fcbf9d4ad Mon Sep 17 00:00:00 2001 From: Kevin Wolf Date: Tue, 17 Nov 2020 17:30:45 +0100 Subject: authz-simple: Check that 'identity' property is set If the 'identify' property is not set, we'll pass a NULL pointer to g_str_equal() and crash. Catch the error condition during the creation of the object. Signed-off-by: Kevin Wolf Signed-off-by: Daniel P. Berrangé --- authz/simple.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'authz') diff --git a/authz/simple.c b/authz/simple.c index 18db0355f4..0597dcd8ea 100644 --- a/authz/simple.c +++ b/authz/simple.c @@ -65,11 +65,25 @@ qauthz_simple_finalize(Object *obj) } +static void +qauthz_simple_complete(UserCreatable *uc, Error **errp) +{ + QAuthZSimple *sauthz = QAUTHZ_SIMPLE(uc); + + if (!sauthz->identity) { + error_setg(errp, "The 'identity' property must be set"); + return; + } +} + + static void qauthz_simple_class_init(ObjectClass *oc, void *data) { QAuthZClass *authz = QAUTHZ_CLASS(oc); + UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc); + ucc->complete = qauthz_simple_complete; authz->is_allowed = qauthz_simple_is_allowed; object_class_property_add_str(oc, "identity", -- cgit v1.2.3-55-g7522