From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1NaE4w-0007Jj-T2
	for qemu-devel@nongnu.org; Wed, 27 Jan 2010 15:01:30 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1NaE4s-0007G7-Jr
	for qemu-devel@nongnu.org; Wed, 27 Jan 2010 15:01:30 -0500
Received: from [199.232.76.173] (port=41117 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1NaE4s-0007Fs-EC
	for qemu-devel@nongnu.org; Wed, 27 Jan 2010 15:01:26 -0500
Received: from mx1.redhat.com ([209.132.183.28]:57063)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <lcapitulino@redhat.com>) id 1NaE4r-0002IH-Pj
	for qemu-devel@nongnu.org; Wed, 27 Jan 2010 15:01:26 -0500
Date: Wed, 27 Jan 2010 18:01:17 -0200
From: Luiz Capitulino <lcapitulino@redhat.com>
Message-ID: <20100127180117.5cf438bf@doriath>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: [Qemu-devel] [PATCH] Monitor: Fix command execution regression
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: agl@us.ibm.com


Function is_async_return() added by commit 940cc30d0d4 assumes
that 'data', which is returned by handlers, is always a QDict.

This is not true, as QLists can also be returned, in this case
we'll get a segfault.

Fix that by checking if 'data' is a QDict.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
---
 monitor.c |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/monitor.c b/monitor.c
index fbae5ce..fb7c572 100644
--- a/monitor.c
+++ b/monitor.c
@@ -3700,7 +3700,11 @@ static void monitor_print_error(Monitor *mon)
 
 static int is_async_return(const QObject *data)
 {
-    return data && qdict_haskey(qobject_to_qdict(data), "__mon_async");
+    if (data && qobject_type(data) == QTYPE_QDICT) {
+        return qdict_haskey(qobject_to_qdict(data), "__mon_async");
+    }
+
+    return 0;
 }
 
 static void monitor_call_handler(Monitor *mon, const mon_cmd_t *cmd,
-- 
1.6.6