Fix typo in identity code which is pre-requisite for CVE-2013-4311
authorDaniel P. Berrange <berrange@redhat.com>
Mon, 23 Sep 2013 11:46:25 +0000 (12:46 +0100)
committerEric Blake <eblake@redhat.com>
Mon, 23 Sep 2013 20:40:05 +0000 (14:40 -0600)
commit15033105c262ce115a05c8cba4951752b556fbe8
tree0e3b844b848cf987217eefff5aa62ac503b6db2a
parent2bfbf7a18e48127efd9b3d2d0976db6dffc476ff
Fix typo in identity code which is pre-requisite for CVE-2013-4311

The fix for CVE-2013-4311 had a pre-requisite enhancement
to the identity code

  commit db7a5688c05f3fd60d9d2b74c72427eb9ee9c176
  Author: Daniel P. Berrange <berrange@redhat.com>
  Date:   Thu Aug 22 16:00:01 2013 +0100

    Also store user & group ID values in virIdentity

This had a typo which caused the group ID to overwrite the
user ID string. This meant any checks using this would have
the wrong ID value. This only affected the ACL code, not the
initial polkit auth. It also leaked memory.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit e4697b92abaad16e8e6b41a1e55be9b084d48d5a)
src/rpc/virnetserverclient.c