* [Qemu-devel] [PULL 0/7] vnc patch queue.
@ 2015-03-12 9:00 Gerd Hoffmann
2015-03-12 9:00 ` [Qemu-devel] [PULL 1/7] vnc: drop display+ws_display from VncDisplay Gerd Hoffmann
` (7 more replies)
0 siblings, 8 replies; 9+ messages in thread
From: Gerd Hoffmann @ 2015-03-12 9:00 UTC (permalink / raw)
To: qemu-devel; +Cc: Gerd Hoffmann
Hi,
Some vnc cleanups, more QemuOpts conversion fallout fixes.
please pull,
Gerd
The following changes since commit 9159eb9abc31e02797dc55998e71f12c06846d55:
Merge remote-tracking branch 'remotes/amit/tags/vser-for-2.3-1' into staging (2015-03-11 14:27:13 +0000)
are available in the git repository at:
git://git.kraxel.org/qemu tags/pull-vnc-20150312-1
for you to fetch changes up to 81607cbfa433272d1f09bd0f0ae6c3b14f818972:
vnc: fix segmentation fault when invalid vnc parameters are specified (2015-03-12 09:09:10 +0100)
----------------------------------------------------------------
vnc: bugfixes and cleanups.
----------------------------------------------------------------
Daniel P. Berrange (1):
ui: fix regression in x509verify parameter for VNC server
Gerd Hoffmann (3):
vnc: drop display+ws_display from VncDisplay
vnc: remove dead code
vnc: switch to inet_listen_opts
Gonglei (3):
ui/console: fix OVERFLOW_BEFORE_WIDEN
vnc: avoid possible file handler leak
vnc: fix segmentation fault when invalid vnc parameters are specified
ui/console.c | 4 +-
ui/vnc-auth-sasl.c | 2 +-
ui/vnc.c | 128 +++++++++++++++++++++++++++--------------------------
ui/vnc.h | 6 +--
4 files changed, 72 insertions(+), 68 deletions(-)
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Qemu-devel] [PULL 1/7] vnc: drop display+ws_display from VncDisplay
2015-03-12 9:00 [Qemu-devel] [PULL 0/7] vnc patch queue Gerd Hoffmann
@ 2015-03-12 9:00 ` Gerd Hoffmann
2015-03-12 9:00 ` [Qemu-devel] [PULL 2/7] vnc: remove dead code Gerd Hoffmann
` (6 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Gerd Hoffmann @ 2015-03-12 9:00 UTC (permalink / raw)
To: qemu-devel; +Cc: Gerd Hoffmann, Anthony Liguori
Nobody cares about those strings, they are only used to check whenever
the vnc server / websocket support is enabled or not. Add bools for
this and drop the strings.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
---
ui/vnc-auth-sasl.c | 2 +-
ui/vnc.c | 54 +++++++++++++++++++++++-------------------------------
ui/vnc.h | 6 +++---
3 files changed, 27 insertions(+), 35 deletions(-)
diff --git a/ui/vnc-auth-sasl.c b/ui/vnc-auth-sasl.c
index f3ad75d..2ddd259 100644
--- a/ui/vnc-auth-sasl.c
+++ b/ui/vnc-auth-sasl.c
@@ -555,7 +555,7 @@ void start_auth_sasl(VncState *vs)
memset (&secprops, 0, sizeof secprops);
/* Inform SASL that we've got an external SSF layer from TLS */
- if (strncmp(vs->vd->display, "unix:", 5) == 0
+ if (vs->vd->is_unix
#ifdef CONFIG_VNC_TLS
/* Disable SSF, if using TLS+x509+SASL only. TLS without x509
is not sufficiently strong */
diff --git a/ui/vnc.c b/ui/vnc.c
index ff0b5bd..65ba1c0 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -407,7 +407,7 @@ VncInfo *qmp_query_vnc(Error **errp)
VncInfo *info = g_malloc0(sizeof(*info));
VncDisplay *vd = vnc_display_find(NULL);
- if (vd == NULL || vd->display == NULL) {
+ if (vd == NULL || !vd->enabled) {
info->enabled = false;
} else {
struct sockaddr_storage sa;
@@ -3190,16 +3190,15 @@ static void vnc_display_close(VncDisplay *vs)
{
if (!vs)
return;
- g_free(vs->display);
- vs->display = NULL;
+ vs->enabled = false;
+ vs->is_unix = false;
if (vs->lsock != -1) {
qemu_set_fd_handler2(vs->lsock, NULL, NULL, NULL, NULL);
close(vs->lsock);
vs->lsock = -1;
}
#ifdef CONFIG_VNC_WS
- g_free(vs->ws_display);
- vs->ws_display = NULL;
+ vs->ws_enabled = false;
if (vs->lwebsock != -1) {
qemu_set_fd_handler2(vs->lwebsock, NULL, NULL, NULL, NULL);
close(vs->lwebsock);
@@ -3329,7 +3328,7 @@ void vnc_display_open(const char *id, Error **errp)
bool reverse = false;
const char *vnc;
const char *has_to;
- char *display, *to = NULL;
+ char *display, *ws_display = NULL, *to = NULL;
bool has_ipv4 = false;
bool has_ipv6 = false;
#ifdef CONFIG_VNC_WS
@@ -3369,10 +3368,9 @@ void vnc_display_open(const char *id, Error **errp)
has_ipv4 = qemu_opt_get_bool(opts, "ipv4", false);
has_ipv6 = qemu_opt_get_bool(opts, "ipv6", false);
display = g_strdup_printf("%s%s%s%s", vnc,
- has_to ? to : "",
- has_ipv4 ? ",ipv4" : "",
- has_ipv6 ? ",ipv6" : "");
- vs->display = g_strdup(display);
+ has_to ? to : "",
+ has_ipv4 ? ",ipv4" : "",
+ has_ipv6 ? ",ipv6" : "");
password = qemu_opt_get_bool(opts, "password", false);
if (password && fips_get_state()) {
@@ -3427,7 +3425,7 @@ void vnc_display_open(const char *id, Error **errp)
if (websocket) {
/* extract the host specification from display */
char *host = NULL, *host_end = NULL;
- vs->websocket = 1;
+ vs->ws_enabled = true;
/* ipv6 hosts have colons */
host_end = strrchr(display, ':');
@@ -3436,7 +3434,7 @@ void vnc_display_open(const char *id, Error **errp)
} else {
host = g_strdup(":");
}
- vs->ws_display = g_strconcat(host, websocket, NULL);
+ ws_display = g_strconcat(host, websocket, NULL);
g_free(host);
}
#endif /* CONFIG_VNC_WS */
@@ -3618,34 +3616,29 @@ void vnc_display_open(const char *id, Error **errp)
vnc_connect(vs, csock, false, false);
} else {
/* listen for connects */
- char *dpy;
- dpy = g_malloc(256);
if (strncmp(display, "unix:", 5) == 0) {
- pstrcpy(dpy, 256, "unix:");
- vs->lsock = unix_listen(display+5, dpy+5, 256-5, errp);
+ vs->lsock = unix_listen(display+5, NULL, 0, errp);
+ vs->is_unix = true;
} else {
- vs->lsock = inet_listen(display, dpy, 256,
+ vs->lsock = inet_listen(display, NULL, 0,
SOCK_STREAM, 5900, errp);
if (vs->lsock < 0) {
- g_free(dpy);
goto fail;
}
#ifdef CONFIG_VNC_WS
- if (vs->websocket) {
- if (vs->ws_display) {
- vs->lwebsock = inet_listen(vs->ws_display, NULL, 256,
+ if (vs->ws_enabled) {
+ if (ws_display) {
+ vs->lwebsock = inet_listen(ws_display, NULL, 0,
SOCK_STREAM, 0, errp);
} else {
- vs->lwebsock = inet_listen(vs->display, NULL, 256,
+ vs->lwebsock = inet_listen(display, NULL, 0,
SOCK_STREAM, 5700, errp);
}
-
if (vs->lwebsock < 0) {
if (vs->lsock) {
close(vs->lsock);
vs->lsock = -1;
}
- g_free(dpy);
goto fail;
}
}
@@ -3653,12 +3646,12 @@ void vnc_display_open(const char *id, Error **errp)
}
g_free(to);
g_free(display);
- g_free(vs->display);
- vs->display = dpy;
+ vs->enabled = true;
qemu_set_fd_handler2(vs->lsock, NULL,
vnc_listen_regular_read, NULL, vs);
#ifdef CONFIG_VNC_WS
- if (vs->websocket) {
+ g_free(ws_display);
+ if (vs->ws_enabled) {
qemu_set_fd_handler2(vs->lwebsock, NULL,
vnc_listen_websocket_read, NULL, vs);
}
@@ -3669,11 +3662,10 @@ void vnc_display_open(const char *id, Error **errp)
fail:
g_free(to);
g_free(display);
- g_free(vs->display);
- vs->display = NULL;
+ vs->enabled = false;
#ifdef CONFIG_VNC_WS
- g_free(vs->ws_display);
- vs->ws_display = NULL;
+ g_free(ws_display);
+ vs->ws_enabled = false;
#endif /* CONFIG_VNC_WS */
}
diff --git a/ui/vnc.h b/ui/vnc.h
index 5e2b1a5..66a0298 100644
--- a/ui/vnc.h
+++ b/ui/vnc.h
@@ -158,8 +158,7 @@ struct VncDisplay
int lsock;
#ifdef CONFIG_VNC_WS
int lwebsock;
- bool websocket;
- char *ws_display;
+ bool ws_enabled;
#endif
DisplaySurface *ds;
DisplayChangeListener dcl;
@@ -176,7 +175,8 @@ struct VncDisplay
const char *id;
QTAILQ_ENTRY(VncDisplay) next;
- char *display;
+ bool enabled;
+ bool is_unix;
char *password;
time_t expires;
int auth;
--
1.8.3.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [Qemu-devel] [PULL 2/7] vnc: remove dead code
2015-03-12 9:00 [Qemu-devel] [PULL 0/7] vnc patch queue Gerd Hoffmann
2015-03-12 9:00 ` [Qemu-devel] [PULL 1/7] vnc: drop display+ws_display from VncDisplay Gerd Hoffmann
@ 2015-03-12 9:00 ` Gerd Hoffmann
2015-03-12 9:00 ` [Qemu-devel] [PULL 3/7] vnc: switch to inet_listen_opts Gerd Hoffmann
` (5 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Gerd Hoffmann @ 2015-03-12 9:00 UTC (permalink / raw)
To: qemu-devel; +Cc: Gerd Hoffmann, Anthony Liguori
If vs->ws_enabled is set ws_display is non-NULL.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
---
ui/vnc.c | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/ui/vnc.c b/ui/vnc.c
index 65ba1c0..bac44ce 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -3627,13 +3627,8 @@ void vnc_display_open(const char *id, Error **errp)
}
#ifdef CONFIG_VNC_WS
if (vs->ws_enabled) {
- if (ws_display) {
- vs->lwebsock = inet_listen(ws_display, NULL, 0,
- SOCK_STREAM, 0, errp);
- } else {
- vs->lwebsock = inet_listen(display, NULL, 0,
- SOCK_STREAM, 5700, errp);
- }
+ vs->lwebsock = inet_listen(ws_display, NULL, 0,
+ SOCK_STREAM, 0, errp);
if (vs->lwebsock < 0) {
if (vs->lsock) {
close(vs->lsock);
--
1.8.3.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [Qemu-devel] [PULL 3/7] vnc: switch to inet_listen_opts
2015-03-12 9:00 [Qemu-devel] [PULL 0/7] vnc patch queue Gerd Hoffmann
2015-03-12 9:00 ` [Qemu-devel] [PULL 1/7] vnc: drop display+ws_display from VncDisplay Gerd Hoffmann
2015-03-12 9:00 ` [Qemu-devel] [PULL 2/7] vnc: remove dead code Gerd Hoffmann
@ 2015-03-12 9:00 ` Gerd Hoffmann
2015-03-12 9:00 ` [Qemu-devel] [PULL 4/7] ui: fix regression in x509verify parameter for VNC server Gerd Hoffmann
` (4 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Gerd Hoffmann @ 2015-03-12 9:00 UTC (permalink / raw)
To: qemu-devel; +Cc: Gerd Hoffmann, Anthony Liguori
Use inet_listen_opts instead of inet_listen. Allows us to drop some
pointless indirection: Format strings just to parse them again later on.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
---
ui/vnc.c | 75 +++++++++++++++++++++++++++++++++++-----------------------------
1 file changed, 41 insertions(+), 34 deletions(-)
diff --git a/ui/vnc.c b/ui/vnc.c
index bac44ce..db8409b 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -3322,13 +3322,14 @@ void vnc_display_open(const char *id, Error **errp)
{
VncDisplay *vs = vnc_display_find(id);
QemuOpts *opts = qemu_opts_find(&qemu_vnc_opts, id);
+ QemuOpts *sopts, *wsopts;
const char *share, *device_id;
QemuConsole *con;
bool password = false;
bool reverse = false;
const char *vnc;
const char *has_to;
- char *display, *ws_display = NULL, *to = NULL;
+ char *h;
bool has_ipv4 = false;
bool has_ipv6 = false;
#ifdef CONFIG_VNC_WS
@@ -3361,16 +3362,36 @@ void vnc_display_open(const char *id, Error **errp)
return;
}
- has_to = qemu_opt_get(opts, "to");
- if (has_to) {
- to = g_strdup_printf(",to=%s", has_to);
+ sopts = qemu_opts_create(&socket_optslist, NULL, 0, &error_abort);
+ wsopts = qemu_opts_create(&socket_optslist, NULL, 0, &error_abort);
+
+ h = strrchr(vnc, ':');
+ if (h) {
+ char *host = g_strndup(vnc, h - vnc);
+ qemu_opt_set(sopts, "host", host, &error_abort);
+ qemu_opt_set(wsopts, "host", host, &error_abort);
+ qemu_opt_set(sopts, "port", h+1, &error_abort);
+ g_free(host);
+ } else {
+ error_setg(errp, "no vnc port specified");
+ goto fail;
}
+
+ has_to = qemu_opt_get(opts, "to");
has_ipv4 = qemu_opt_get_bool(opts, "ipv4", false);
has_ipv6 = qemu_opt_get_bool(opts, "ipv6", false);
- display = g_strdup_printf("%s%s%s%s", vnc,
- has_to ? to : "",
- has_ipv4 ? ",ipv4" : "",
- has_ipv6 ? ",ipv6" : "");
+ if (has_to) {
+ qemu_opt_set(sopts, "to", has_to, &error_abort);
+ qemu_opt_set(wsopts, "to", has_to, &error_abort);
+ }
+ if (has_ipv4) {
+ qemu_opt_set(sopts, "ipv4", "on", &error_abort);
+ qemu_opt_set(wsopts, "ipv4", "on", &error_abort);
+ }
+ if (has_ipv6) {
+ qemu_opt_set(sopts, "ipv6", "on", &error_abort);
+ qemu_opt_set(wsopts, "ipv6", "on", &error_abort);
+ }
password = qemu_opt_get_bool(opts, "password", false);
if (password && fips_get_state()) {
@@ -3423,19 +3444,9 @@ void vnc_display_open(const char *id, Error **errp)
#ifdef CONFIG_VNC_WS
websocket = qemu_opt_get(opts, "websocket");
if (websocket) {
- /* extract the host specification from display */
- char *host = NULL, *host_end = NULL;
vs->ws_enabled = true;
+ qemu_opt_set(wsopts, "port", websocket, &error_abort);
- /* ipv6 hosts have colons */
- host_end = strrchr(display, ':');
- if (host_end) {
- host = g_strndup(display, host_end - display + 1);
- } else {
- host = g_strdup(":");
- }
- ws_display = g_strconcat(host, websocket, NULL);
- g_free(host);
}
#endif /* CONFIG_VNC_WS */
@@ -3605,10 +3616,10 @@ void vnc_display_open(const char *id, Error **errp)
#ifdef CONFIG_VNC_WS
vs->lwebsock = -1;
#endif
- if (strncmp(display, "unix:", 5) == 0) {
- csock = unix_connect(display+5, errp);
+ if (strncmp(vnc, "unix:", 5) == 0) {
+ csock = unix_connect(vnc+5, errp);
} else {
- csock = inet_connect(display, errp);
+ csock = inet_connect(vnc, errp);
}
if (csock < 0) {
goto fail;
@@ -3616,19 +3627,17 @@ void vnc_display_open(const char *id, Error **errp)
vnc_connect(vs, csock, false, false);
} else {
/* listen for connects */
- if (strncmp(display, "unix:", 5) == 0) {
- vs->lsock = unix_listen(display+5, NULL, 0, errp);
+ if (strncmp(vnc, "unix:", 5) == 0) {
+ vs->lsock = unix_listen(vnc+5, NULL, 0, errp);
vs->is_unix = true;
} else {
- vs->lsock = inet_listen(display, NULL, 0,
- SOCK_STREAM, 5900, errp);
+ vs->lsock = inet_listen_opts(sopts, 5900, errp);
if (vs->lsock < 0) {
goto fail;
}
#ifdef CONFIG_VNC_WS
if (vs->ws_enabled) {
- vs->lwebsock = inet_listen(ws_display, NULL, 0,
- SOCK_STREAM, 0, errp);
+ vs->lwebsock = inet_listen_opts(wsopts, 0, errp);
if (vs->lwebsock < 0) {
if (vs->lsock) {
close(vs->lsock);
@@ -3639,27 +3648,25 @@ void vnc_display_open(const char *id, Error **errp)
}
#endif /* CONFIG_VNC_WS */
}
- g_free(to);
- g_free(display);
vs->enabled = true;
qemu_set_fd_handler2(vs->lsock, NULL,
vnc_listen_regular_read, NULL, vs);
#ifdef CONFIG_VNC_WS
- g_free(ws_display);
if (vs->ws_enabled) {
qemu_set_fd_handler2(vs->lwebsock, NULL,
vnc_listen_websocket_read, NULL, vs);
}
#endif /* CONFIG_VNC_WS */
}
+ qemu_opts_del(sopts);
+ qemu_opts_del(wsopts);
return;
fail:
- g_free(to);
- g_free(display);
+ qemu_opts_del(sopts);
+ qemu_opts_del(wsopts);
vs->enabled = false;
#ifdef CONFIG_VNC_WS
- g_free(ws_display);
vs->ws_enabled = false;
#endif /* CONFIG_VNC_WS */
}
--
1.8.3.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [Qemu-devel] [PULL 4/7] ui: fix regression in x509verify parameter for VNC server
2015-03-12 9:00 [Qemu-devel] [PULL 0/7] vnc patch queue Gerd Hoffmann
` (2 preceding siblings ...)
2015-03-12 9:00 ` [Qemu-devel] [PULL 3/7] vnc: switch to inet_listen_opts Gerd Hoffmann
@ 2015-03-12 9:00 ` Gerd Hoffmann
2015-03-12 9:00 ` [Qemu-devel] [PULL 5/7] ui/console: fix OVERFLOW_BEFORE_WIDEN Gerd Hoffmann
` (3 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Gerd Hoffmann @ 2015-03-12 9:00 UTC (permalink / raw)
To: qemu-devel; +Cc: Gerd Hoffmann, Anthony Liguori
From: "Daniel P. Berrange" <berrange@redhat.com>
The 'x509verify' parameter is documented as taking a path to the
x509 certificates, ie the same syntax as the 'x509' parameter.
commit 4db14629c38611061fc19ec6927405923de84f08
Author: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue Sep 16 12:33:03 2014 +0200
vnc: switch to QemuOpts, allow multiple servers
caused a regression by turning 'x509verify' into a boolean
parameter instead. This breaks setup from libvirt and is not
consistent with the docs.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
ui/vnc.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/ui/vnc.c b/ui/vnc.c
index db8409b..b514777 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -3303,7 +3303,7 @@ static QemuOptsList qemu_vnc_opts = {
.type = QEMU_OPT_BOOL,
},{
.name = "x509verify",
- .type = QEMU_OPT_BOOL,
+ .type = QEMU_OPT_STRING,
},{
.name = "acl",
.type = QEMU_OPT_BOOL,
@@ -3410,9 +3410,14 @@ void vnc_display_open(const char *id, Error **errp)
#ifdef CONFIG_VNC_TLS
tls = qemu_opt_get_bool(opts, "tls", false);
path = qemu_opt_get(opts, "x509");
+ if (!path) {
+ path = qemu_opt_get(opts, "x509verify");
+ if (path) {
+ vs->tls.x509verify = true;
+ }
+ }
if (path) {
x509 = true;
- vs->tls.x509verify = qemu_opt_get_bool(opts, "x509verify", false);
if (vnc_tls_set_x509_creds_dir(vs, path) < 0) {
error_setg(errp, "Failed to find x509 certificates/keys in %s",
path);
--
1.8.3.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [Qemu-devel] [PULL 5/7] ui/console: fix OVERFLOW_BEFORE_WIDEN
2015-03-12 9:00 [Qemu-devel] [PULL 0/7] vnc patch queue Gerd Hoffmann
` (3 preceding siblings ...)
2015-03-12 9:00 ` [Qemu-devel] [PULL 4/7] ui: fix regression in x509verify parameter for VNC server Gerd Hoffmann
@ 2015-03-12 9:00 ` Gerd Hoffmann
2015-03-12 9:00 ` [Qemu-devel] [PULL 6/7] vnc: avoid possible file handler leak Gerd Hoffmann
` (2 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: Gerd Hoffmann @ 2015-03-12 9:00 UTC (permalink / raw)
To: qemu-devel; +Cc: Gonglei, Gerd Hoffmann, Anthony Liguori
From: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
ui/console.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ui/console.c b/ui/console.c
index 87af6b5..b15ca87 100644
--- a/ui/console.c
+++ b/ui/console.c
@@ -1285,9 +1285,9 @@ DisplaySurface *qemu_create_displaysurface_guestmem(int width, int height,
linesize = width * PIXMAN_FORMAT_BPP(format) / 8;
}
- size = linesize * height;
+ size = (hwaddr)linesize * height;
data = cpu_physical_memory_map(addr, &size, 0);
- if (size != linesize * height) {
+ if (size != (hwaddr)linesize * height) {
cpu_physical_memory_unmap(data, size, 0, 0);
return NULL;
}
--
1.8.3.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [Qemu-devel] [PULL 6/7] vnc: avoid possible file handler leak
2015-03-12 9:00 [Qemu-devel] [PULL 0/7] vnc patch queue Gerd Hoffmann
` (4 preceding siblings ...)
2015-03-12 9:00 ` [Qemu-devel] [PULL 5/7] ui/console: fix OVERFLOW_BEFORE_WIDEN Gerd Hoffmann
@ 2015-03-12 9:00 ` Gerd Hoffmann
2015-03-12 9:00 ` [Qemu-devel] [PULL 7/7] vnc: fix segmentation fault when invalid vnc parameters are specified Gerd Hoffmann
2015-03-12 11:38 ` [Qemu-devel] [PULL 0/7] vnc patch queue Peter Maydell
7 siblings, 0 replies; 9+ messages in thread
From: Gerd Hoffmann @ 2015-03-12 9:00 UTC (permalink / raw)
To: qemu-devel; +Cc: Gonglei, Gerd Hoffmann, Anthony Liguori
From: Gonglei <arei.gonglei@huawei.com>
vs->lsock may equal to 0, modify the check condition,
avoid possible vs->lsock leak.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
ui/vnc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ui/vnc.c b/ui/vnc.c
index b514777..1e95445 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -3644,7 +3644,7 @@ void vnc_display_open(const char *id, Error **errp)
if (vs->ws_enabled) {
vs->lwebsock = inet_listen_opts(wsopts, 0, errp);
if (vs->lwebsock < 0) {
- if (vs->lsock) {
+ if (vs->lsock != -1) {
close(vs->lsock);
vs->lsock = -1;
}
--
1.8.3.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [Qemu-devel] [PULL 7/7] vnc: fix segmentation fault when invalid vnc parameters are specified
2015-03-12 9:00 [Qemu-devel] [PULL 0/7] vnc patch queue Gerd Hoffmann
` (5 preceding siblings ...)
2015-03-12 9:00 ` [Qemu-devel] [PULL 6/7] vnc: avoid possible file handler leak Gerd Hoffmann
@ 2015-03-12 9:00 ` Gerd Hoffmann
2015-03-12 11:38 ` [Qemu-devel] [PULL 0/7] vnc patch queue Peter Maydell
7 siblings, 0 replies; 9+ messages in thread
From: Gerd Hoffmann @ 2015-03-12 9:00 UTC (permalink / raw)
To: qemu-devel; +Cc: Gonglei, Gerd Hoffmann, Anthony Liguori
From: Gonglei <arei.gonglei@huawei.com>
Reproducer:
#./qemu-system-x86_64 -vnc :0,ip
qemu-system-x86_64: -vnc :1,ip: Invalid parameter 'ip'
Segmentation fault (core dumped)
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
ui/vnc.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/ui/vnc.c b/ui/vnc.c
index 1e95445..6f9b718 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -3703,8 +3703,13 @@ QemuOpts *vnc_parse_func(const char *str)
{
QemuOptsList *olist = qemu_find_opts("vnc");
QemuOpts *opts = qemu_opts_parse(olist, str, 1);
- const char *id = qemu_opts_id(opts);
+ const char *id;
+ if (!opts) {
+ return NULL;
+ }
+
+ id = qemu_opts_id(opts);
if (!id) {
/* auto-assign id if not present */
vnc_auto_assign_id(olist, opts);
--
1.8.3.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [Qemu-devel] [PULL 0/7] vnc patch queue.
2015-03-12 9:00 [Qemu-devel] [PULL 0/7] vnc patch queue Gerd Hoffmann
` (6 preceding siblings ...)
2015-03-12 9:00 ` [Qemu-devel] [PULL 7/7] vnc: fix segmentation fault when invalid vnc parameters are specified Gerd Hoffmann
@ 2015-03-12 11:38 ` Peter Maydell
7 siblings, 0 replies; 9+ messages in thread
From: Peter Maydell @ 2015-03-12 11:38 UTC (permalink / raw)
To: Gerd Hoffmann; +Cc: QEMU Developers
On 12 March 2015 at 09:00, Gerd Hoffmann <kraxel@redhat.com> wrote:
> Hi,
>
> Some vnc cleanups, more QemuOpts conversion fallout fixes.
>
> please pull,
> Gerd
>
> The following changes since commit 9159eb9abc31e02797dc55998e71f12c06846d55:
>
> Merge remote-tracking branch 'remotes/amit/tags/vser-for-2.3-1' into staging (2015-03-11 14:27:13 +0000)
>
> are available in the git repository at:
>
>
> git://git.kraxel.org/qemu tags/pull-vnc-20150312-1
>
> for you to fetch changes up to 81607cbfa433272d1f09bd0f0ae6c3b14f818972:
>
> vnc: fix segmentation fault when invalid vnc parameters are specified (2015-03-12 09:09:10 +0100)
>
> ----------------------------------------------------------------
> vnc: bugfixes and cleanups.
>
> ----------------------------------------------------------------
Applied, thanks.
-- PMM
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2015-03-12 11:38 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-03-12 9:00 [Qemu-devel] [PULL 0/7] vnc patch queue Gerd Hoffmann
2015-03-12 9:00 ` [Qemu-devel] [PULL 1/7] vnc: drop display+ws_display from VncDisplay Gerd Hoffmann
2015-03-12 9:00 ` [Qemu-devel] [PULL 2/7] vnc: remove dead code Gerd Hoffmann
2015-03-12 9:00 ` [Qemu-devel] [PULL 3/7] vnc: switch to inet_listen_opts Gerd Hoffmann
2015-03-12 9:00 ` [Qemu-devel] [PULL 4/7] ui: fix regression in x509verify parameter for VNC server Gerd Hoffmann
2015-03-12 9:00 ` [Qemu-devel] [PULL 5/7] ui/console: fix OVERFLOW_BEFORE_WIDEN Gerd Hoffmann
2015-03-12 9:00 ` [Qemu-devel] [PULL 6/7] vnc: avoid possible file handler leak Gerd Hoffmann
2015-03-12 9:00 ` [Qemu-devel] [PULL 7/7] vnc: fix segmentation fault when invalid vnc parameters are specified Gerd Hoffmann
2015-03-12 11:38 ` [Qemu-devel] [PULL 0/7] vnc patch queue Peter Maydell
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).