From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:52619)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <armbru@pond.sub.org>) id 1V59sI-0000Lt-IC
	for qemu-devel@nongnu.org; Fri, 02 Aug 2013 03:34:16 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <armbru@pond.sub.org>) id 1V59sC-0000Uw-FA
	for qemu-devel@nongnu.org; Fri, 02 Aug 2013 03:34:10 -0400
Received: from oxygen.pond.sub.org ([2a01:4f8:121:10e4::3]:56190)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <armbru@pond.sub.org>) id 1V59sC-0000Tu-5G
	for qemu-devel@nongnu.org; Fri, 02 Aug 2013 03:34:04 -0400
From: Markus Armbruster <armbru@redhat.com>
Date: Fri,  2 Aug 2013 09:34:00 +0200
Message-Id: <1375428840-5275-1-git-send-email-armbru@redhat.com>
Subject: [Qemu-devel] [PATCH] qemu-option: Guard against
	qemu_opts_set_defaults() misuse
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: peter.maydell@linaro.org, aliguori@us.ibm.com

Commit 6d4cd40 fixed qemu_opts_set_defaults() for an existing corner
case, but broke it for another one that can't be reached in current
code.

Quote from its commit message:

    I believe [opts_parse()] attempts to do the following:

        If options don't yet exist, create new options
        Else, if defaults, modify the existing options
        Else, if list->merge_lists, modify the existing options
        Else, fail

The only caller that passes true for defaults is
qemu_opts_set_defaults().

The commit message then claims:

    A straightforward call of qemu_opts_create() does exactly that.

Wrong.  When !list->merge_lists, and the option string doesn't contain
id=, and options without ID exist, then we don't actually modify the
existing options, we create new ones.

Not reachable, because we never pass lists with !list->merge_lists to
qemu_opts_set_defaults().

Guard against possible (if unlikely) future misuse with assert().

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
---
 util/qemu-option.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/util/qemu-option.c b/util/qemu-option.c
index 7a1552a..4ebdc4c 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -928,6 +928,15 @@ static QemuOpts *opts_parse(QemuOptsList *list, const char *params,
         get_opt_value(value, sizeof(value), p+4);
         id = value;
     }
+
+    /*
+     * This code doesn't work for defaults && !list->merge_lists: when
+     * params has no id=, and list has an element with !opts->id, it
+     * appends a new element instead of returning the existing opts.
+     * However, we got no use for this case.  Guard against possible
+     * (if unlikely) future misuse:
+     */
+    assert(!defaults || list->merge_lists);
     opts = qemu_opts_create(list, id, !defaults, &local_err);
     if (opts == NULL) {
         if (error_is_set(&local_err)) {
-- 
1.7.11.7