qemu-devel.nongnu.org archive mirror
From: Michael Roth <mdroth@linux.vnet.ibm.com>
To: qemu-devel@nongnu.org
Cc: lersek@redhat.com, qemu-stable@nongnu.org, Petar.Jovanovic@imgtec.com
Subject: [Qemu-devel] [PATCH 35/51] qemu_opts_parse(): always check return value
Date: Fri, 21 Feb 2014 02:17:11 -0600
Message-ID: <1392970647-21528-36-git-send-email-mdroth@linux.vnet.ibm.com>
In-Reply-To: <1392970647-21528-1-git-send-email-mdroth@linux.vnet.ibm.com>

From: Laszlo Ersek <lersek@redhat.com>

qemu_opts_parse() can always return NULL, even if the QemuOptsList.desc in
question would be trivial to satisfy (eg. because it's empty). For
example:

qemu_opts_parse()
  opts_parse()
    qemu_opts_create()
      id_wellformed()

In practice:

  $ .../qemu-system-x86_64 -acpitable id=3
  qemu-system-x86_64: -acpitable id=3: Parameter 'id' expects an identifier
  **
  ERROR:vl.c:3491:main: assertion failed: (opts != NULL)
  Aborted (core dumped)

  $ .../qemu-system-x86_64 -smbios id=3
  qemu-system-x86_64: -smbios id=3: Parameter 'id' expects an identifier
  Segmentation fault (core dumped)

I checked all qemu_opts_parse() invocations (and all drive_def()
invocations too, because it blindly forwards the former's retval). Only
the two above examples look problematic.

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1385658779-7529-1-git-send-email-lersek@redhat.com
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
(cherry picked from commit f46e720a82ccdf1a521cf459448f3f96ed895d43)

Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
---
 vl.c |    7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/vl.c b/vl.c
index 31e3411..30b5076 100644
--- a/vl.c
+++ b/vl.c
@@ -3489,11 +3489,16 @@ int main(int argc, char **argv, char **envp)
             }
             case QEMU_OPTION_acpitable:
                 opts = qemu_opts_parse(qemu_find_opts("acpi"), optarg, 1);
-                g_assert(opts != NULL);
+                if (!opts) {
+                    exit(1);
+                }
                 do_acpitable_option(opts);
                 break;
             case QEMU_OPTION_smbios:
                 opts = qemu_opts_parse(qemu_find_opts("smbios"), optarg, 0);
+                if (!opts) {
+                    exit(1);
+                }
                 do_smbios_option(opts);
                 break;
             case QEMU_OPTION_enable_kvm:
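
Review bot: both added `if (!opts) { exit(1); }` blocks, in the QEMU_OPTION_acpitable and QEMU_OPTION_smbios cases, exit without printing anything of their own, so the user only learns why QEMU stopped if qemu_opts_parse() has already reported the failure. The transcripts in the commit message show that it does for a malformed id, but nothing in this hunk says so; a one-line comment at each check noting that the parser has already reported the error would keep a later reader from adding a duplicate message or assuming one is missing. Dropping `g_assert(opts != NULL)` in favour of a clean exit is the right call for the acpitable case, since the value comes from the command line rather than from an internal invariant. The smbios case had no check at all before `do_smbios_option(opts)`, which matches the segmentation fault quoted in the message.
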
-- 
1.7.9.5
