From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:55179) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WLaiR-0000On-IX for qemu-devel@nongnu.org; Thu, 06 Mar 2014 11:00:24 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1WLai4-0007XA-B9 for qemu-devel@nongnu.org; Thu, 06 Mar 2014 11:00:11 -0500 Received: from lnantes-156-75-100-125.w80-12.abo.wanadoo.fr ([80.12.84.125]:55851 helo=paradis.irqsave.net) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WLai4-0007W9-0g for qemu-devel@nongnu.org; Thu, 06 Mar 2014 10:59:48 -0500 Date: Thu, 6 Mar 2014 16:59:46 +0100 From: =?iso-8859-1?Q?Beno=EEt?= Canet Message-ID: <20140306155946.GC22291@irqsave.net> References: <1394120532-4282-1-git-send-email-kwolf@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline In-Reply-To: <1394120532-4282-1-git-send-email-kwolf@redhat.com> Content-Transfer-Encoding: quoted-printable Subject: Re: [Qemu-devel] [PATCH] block: Fix error path segfault in bdrv_open() List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Kevin Wolf Cc: qemu-devel@nongnu.org, stefanha@redhat.com, mreitz@redhat.com The Thursday 06 Mar 2014 =E0 16:42:12 (+0100), Kevin Wolf wrote : > Using an invalid option for a block device that is opened with > BDRV_O_PROTOCOL led to drv =3D NULL, and when trying to include the dri= ver > name in the error message, qemu dereferenced it: >=20 > $ x86_64-softmmu/qemu-system-x86_64 -drive file=3D/tmp/test.qcow2,f= ile.foo=3Dbar > Segmentation fault (core dumped) >=20 > With this patch applied, the expected error message is printed: >=20 > $ x86_64-softmmu/qemu-system-x86_64 -drive file=3D/tmp/test.qcow2,f= ile.foo=3Dbar > qemu-system-x86_64: -drive file=3D/tmp/test.qcow2,file.foo=3Dbar: c= ould > not open disk image /tmp/test.qcow2: Block protocol 'file' doesn't > support the option 'foo' >=20 > Signed-off-by: Kevin Wolf > --- > block.c | 1 + > tests/qemu-iotests/051 | 9 +++++++++ > tests/qemu-iotests/051.out | 15 +++++++++++++++ > 3 files changed, 25 insertions(+) >=20 > diff --git a/block.c b/block.c > index e7387f1..f1ef4b0 100644 > --- a/block.c > +++ b/block.c > @@ -1234,6 +1234,7 @@ int bdrv_open(BlockDriverState **pbs, const char = *filename, > ret =3D bdrv_file_open(bs, filename, &options, flags & ~BDRV_O= _PROTOCOL, > &local_err); > if (!ret) { > + drv =3D bs->drv; > goto done; > } else if (bs->drv) { > goto close_and_fail; > diff --git a/tests/qemu-iotests/051 b/tests/qemu-iotests/051 > index 46345fb..14694e1 100755 > --- a/tests/qemu-iotests/051 > +++ b/tests/qemu-iotests/051 > @@ -78,6 +78,15 @@ run_qemu -drive file=3D"$TEST_IMG",format=3Dqcow2,un= known_opt=3D1234 > run_qemu -drive file=3D"$TEST_IMG",format=3Dqcow2,unknown_opt=3Dfoo > =20 > echo > +echo =3D=3D=3D Unknown protocol option =3D=3D=3D > +echo > + > +run_qemu -drive file=3D"$TEST_IMG",format=3Dqcow2,file.unknown_opt=3D > +run_qemu -drive file=3D"$TEST_IMG",format=3Dqcow2,file.unknown_opt=3Do= n > +run_qemu -drive file=3D"$TEST_IMG",format=3Dqcow2,file.unknown_opt=3D1= 234 > +run_qemu -drive file=3D"$TEST_IMG",format=3Dqcow2,file.unknown_opt=3Df= oo > + > +echo > echo =3D=3D=3D Invalid format =3D=3D=3D > echo > =20 > diff --git a/tests/qemu-iotests/051.out b/tests/qemu-iotests/051.out > index 7de1870..f5e33ff 100644 > --- a/tests/qemu-iotests/051.out > +++ b/tests/qemu-iotests/051.out > @@ -17,6 +17,21 @@ Testing: -drive file=3DTEST_DIR/t.qcow2,format=3Dqco= w2,unknown_opt=3Dfoo > QEMU_PROG: -drive file=3DTEST_DIR/t.qcow2,format=3Dqcow2,unknown_opt=3D= foo: could not open disk image TEST_DIR/t.qcow2: Block format 'qcow2' use= d by device 'ide0-hd0' doesn't support the option 'unknown_opt' > =20 > =20 > +=3D=3D=3D Unknown protocol option =3D=3D=3D > + > +Testing: -drive file=3DTEST_DIR/t.qcow2,format=3Dqcow2,file.unknown_op= t=3D > +QEMU_PROG: -drive file=3DTEST_DIR/t.qcow2,format=3Dqcow2,file.unknown_= opt=3D: could not open disk image TEST_DIR/t.qcow2: Block protocol 'file'= doesn't support the option 'unknown_opt' > + > +Testing: -drive file=3DTEST_DIR/t.qcow2,format=3Dqcow2,file.unknown_op= t=3Don > +QEMU_PROG: -drive file=3DTEST_DIR/t.qcow2,format=3Dqcow2,file.unknown_= opt=3Don: could not open disk image TEST_DIR/t.qcow2: Block protocol 'fil= e' doesn't support the option 'unknown_opt' > + > +Testing: -drive file=3DTEST_DIR/t.qcow2,format=3Dqcow2,file.unknown_op= t=3D1234 > +QEMU_PROG: -drive file=3DTEST_DIR/t.qcow2,format=3Dqcow2,file.unknown_= opt=3D1234: could not open disk image TEST_DIR/t.qcow2: Block protocol 'f= ile' doesn't support the option 'unknown_opt' > + > +Testing: -drive file=3DTEST_DIR/t.qcow2,format=3Dqcow2,file.unknown_op= t=3Dfoo > +QEMU_PROG: -drive file=3DTEST_DIR/t.qcow2,format=3Dqcow2,file.unknown_= opt=3Dfoo: could not open disk image TEST_DIR/t.qcow2: Block protocol 'fi= le' doesn't support the option 'unknown_opt' > + > + > =3D=3D=3D Invalid format =3D=3D=3D > =20 > Testing: -drive file=3DTEST_DIR/t.qcow2,format=3Dfoo > --=20 > 1.8.1.4 >=20 >=20 Reviewed-by: Benoit Canet