Fix crash when multiple event callbacks were registered CVE-2013-2230
authorJán Tomko <jtomko@redhat.com>
Tue, 2 Jul 2013 13:17:09 +0000 (15:17 +0200)
committerJán Tomko <jtomko@redhat.com>
Wed, 10 Jul 2013 11:02:30 +0000 (13:02 +0200)
CVE-2013-2230

Don't overwrite the callback ID returned by
virDomainEventStateRegisterID in ret by 0.

Introduced by abf75aea.

src/qemu/qemu_driver.c

index 571d1f8..b0180c9 100644 (file)
@@ -10043,9 +10043,7 @@ qemuConnectDomainEventRegisterAny(virConnectPtr conn,
                                       driver->domainEventState,
                                       dom, eventID,
                                       callback, opaque, freecb, &ret) < 0)
-        goto cleanup;
-
-    ret = 0;
+        ret = -1;
 
 cleanup:
     return ret;