qemu: don't use vm when lock is dropped in qemuDomainGetFSInfo

Current call to qemuAgentGetFSInfo in qemuDomainGetFSInfo is
unsafe. Domain lock is dropped and we use vm->def. Let's make
def copy to fix that.

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index eac510feebd09efb34533e188d320b8b79bea850..70e64630af7ddf5f06787b2b31cebd9a7fa100d8 100644 (file)
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -19784,6 +19784,8 @@ qemuDomainGetFSInfo(virDomainPtr dom,
     virQEMUDriverPtr driver = dom->conn->privateData;
     virDomainObjPtr vm;
     qemuAgentPtr agent;
+    virCapsPtr caps = NULL;
+    virDomainDefPtr def = NULL;
     int ret = -1;
 
     virCheckFlags(0, ret);
@@ -19806,8 +19808,14 @@ qemuDomainGetFSInfo(virDomainPtr dom,
     if (!qemuDomainAgentAvailable(vm, true))
         goto endjob;
 
+    if (!(caps = virQEMUDriverGetCapabilities(driver, false)))
+        goto endjob;
+
+    if (!(def = virDomainDefCopy(vm->def, caps, driver->xmlopt, NULL, false)))
+        goto endjob;
+
     agent = qemuDomainObjEnterAgent(vm);
-    ret = qemuAgentGetFSInfo(agent, info, vm->def);
+    ret = qemuAgentGetFSInfo(agent, info, def);
     qemuDomainObjExitAgent(vm, agent);
 
  endjob:
@@ -19815,6 +19823,8 @@ qemuDomainGetFSInfo(virDomainPtr dom,
 
  cleanup:
     virDomainObjEndAPI(&vm);
+    virDomainDefFree(def);
+    virObjectUnref(caps);
     return ret;
 }