From 2ecdf259299813c2c674377e22a0acbce5ccbbb2 Mon Sep 17 00:00:00 2001
From: Peter Krempa <pkrempa@redhat.com>
Date: Mon, 5 Sep 2022 16:22:34 +0200
Subject: [PATCH] remote: dispatch: Allocate 'virDomainDef' in ACL helpers
 dynamically
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

At time of this patch struct 'virDomainDef' has 1736 bytes. Allocate it
dynamically to keep the stack frame size in reasonable values.

This patch also fixes remoteRelayDomainQemuMonitorEventCheckACL, where
we didn't clear the stack'd variable prior to use. Fortunately for now
the code didn't look at anything else than what the code overwrote.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
---
 src/remote/remote_daemon_dispatch.c | 17 ++++++++---------
 1 file changed, 8 insertions(+), 9 deletions(-)

diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon_dispatch.c
index dc5790f077..4f42cdc610 100644
--- a/src/remote/remote_daemon_dispatch.c
+++ b/src/remote/remote_daemon_dispatch.c
@@ -154,22 +154,21 @@ static bool
 remoteRelayDomainEventCheckACL(virNetServerClient *client,
                                virConnectPtr conn, virDomainPtr dom)
 {
-    virDomainDef def;
+    g_autofree virDomainDef *def = g_new0(virDomainDef, 1);
     g_autoptr(virIdentity) identity = NULL;
     bool ret = false;
 
     /* For now, we just create a virDomainDef with enough contents to
      * satisfy what viraccessdriverpolkit.c references.  This is a bit
      * fragile, but I don't know of anything better.  */
-    memset(&def, 0, sizeof(def));
-    def.name = dom->name;
-    memcpy(def.uuid, dom->uuid, VIR_UUID_BUFLEN);
+    def->name = dom->name;
+    memcpy(def->uuid, dom->uuid, VIR_UUID_BUFLEN);
 
     if (!(identity = virNetServerClientGetIdentity(client)))
         goto cleanup;
     if (virIdentitySetCurrent(identity) < 0)
         goto cleanup;
-    ret = virConnectDomainEventRegisterAnyCheckACL(conn, &def);
+    ret = virConnectDomainEventRegisterAnyCheckACL(conn, def);
 
  cleanup:
     ignore_value(virIdentitySetCurrent(NULL));
@@ -284,21 +283,21 @@ static bool
 remoteRelayDomainQemuMonitorEventCheckACL(virNetServerClient *client,
                                           virConnectPtr conn, virDomainPtr dom)
 {
-    virDomainDef def;
+    g_autofree virDomainDef *def = g_new0(virDomainDef, 1);
     g_autoptr(virIdentity) identity = NULL;
     bool ret = false;
 
     /* For now, we just create a virDomainDef with enough contents to
      * satisfy what viraccessdriverpolkit.c references.  This is a bit
      * fragile, but I don't know of anything better.  */
-    def.name = dom->name;
-    memcpy(def.uuid, dom->uuid, VIR_UUID_BUFLEN);
+    def->name = dom->name;
+    memcpy(def->uuid, dom->uuid, VIR_UUID_BUFLEN);
 
     if (!(identity = virNetServerClientGetIdentity(client)))
         goto cleanup;
     if (virIdentitySetCurrent(identity) < 0)
         goto cleanup;
-    ret = virConnectDomainQemuMonitorEventRegisterCheckACL(conn, &def);
+    ret = virConnectDomainQemuMonitorEventRegisterCheckACL(conn, def);
 
  cleanup:
     ignore_value(virIdentitySetCurrent(NULL));