libxc: Do not segfault if (e.g.) switch_qemu_logdirty fails

In xc_domain_save the local variable `ob' is initialised to NULL.
There are then various startup actions.  Some of these `goto out' on
failure; for example the call to callbacks->switch_qemu_logdirty on
l.978.  However, out is used both by success and error paths.  So it
attempts (l.2043) to flush the current output buffer.  If ob has not
yet been assigned a non-NULL value, this segfaults.  So make the call
to outbuf_flush conditional on ob.

Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Jackson <Ian.Jackson@eu.citrix.com>

diff --git a/tools/libxc/xc_domain_save.c b/tools/libxc/xc_domain_save.c
index fcc7718ecb05720477230303a8f95d219fe55684..c359649edb31c32d3f82a5d5fd686053dd08ac4d 100644 (file)
--- a/tools/libxc/xc_domain_save.c
+++ b/tools/libxc/xc_domain_save.c
@@ -2040,7 +2040,7 @@ int xc_domain_save(xc_interface *xch, int io_fd, uint32_t dom, uint32_t max_iter
     }
 
     /* Flush last write and discard cache for file. */
-    if ( outbuf_flush(xch, ob, io_fd) < 0 ) {
+    if ( ob && outbuf_flush(xch, ob, io_fd) < 0 ) {
         PERROR("Error when flushing output buffer");
         rc = 1;
     }