qemu: domain: Fix potential NULL deref when parsing job private data

A specially crafted XML which would reference a non-existing disk but
request the mirror to be registered with the blockjob could potentially
make the parser dereference NULL. Fix it by moving the code slightly and
just treat it as a wrong job XML. Found by Coverity.

Reported-by: John Ferlan <jferlan@redhat.com>
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 657f3ecfe44a6fd77a2fc24a28722e93535683d7..c7eb0b5e9a2a588cbcc149cd2e35e8289c7081f3 100644 (file)
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -3012,15 +3012,19 @@ qemuDomainObjPrivateXMLParseBlockjobData(virDomainObjPtr vm,
             invalidData = true;
     }
 
+    if (mirror) {
+        if (disk)
+            job->mirrorChain = virObjectRef(disk->mirror);
+        else
+            invalidData = true;
+    }
+
     job->state = state;
     job->newstate = newstate;
     job->errmsg = virXPathString("string(./errmsg)", ctxt);
     job->invalidData = invalidData;
     job->disk = disk;
 
-    if (mirror)
-        job->mirrorChain = virObjectRef(job->disk->mirror);
-
     qemuDomainObjPrivateXMLParseBlockjobDataSpecific(job, ctxt, xmlopt);
 
     if (qemuBlockJobRegister(job, vm, disk, false) < 0)