* [Qemu-devel] [PATCH] qemu-kvm: avoid strlen of NULL pointer
@ 2010-03-03 14:32 Jens Osterkamp
2010-03-27 12:33 ` Aurelien Jarno
0 siblings, 1 reply; 2+ messages in thread
From: Jens Osterkamp @ 2010-03-03 14:32 UTC (permalink / raw)
To: qemu-devel
If the user wants to create a chardev of type socket but forgets to give a
host= option, qemu_opt_get returns NULL. This NULL pointer is then fed into
strlen a few lines below without a check which results in a segfault.
This fixes it.
Signed-off-by: Jens Osterkamp <jens@linux.vnet.ibm.com>
---
qemu-sockets.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/qemu-sockets.c b/qemu-sockets.c
index 23c3def..a191304 100644
--- a/qemu-sockets.c
+++ b/qemu-sockets.c
@@ -137,6 +137,9 @@ int inet_listen_opts(QemuOpts *opts, int port_offset)
pstrcpy(port, sizeof(port), qemu_opt_get(opts, "port"));
addr = qemu_opt_get(opts, "host");
+ if (!addr)
+ return -1;
+
to = qemu_opt_get_number(opts, "to", 0);
if (qemu_opt_get_bool(opts, "ipv4", 0))
ai.ai_family = PF_INET;
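Review bot: The added `if (!addr) return -1;` fails silently, so a user who forgot host= gets a failed chardev with no indication of which option is missing; print a diagnostic on stderr before returning. The guard also sits after the `pstrcpy(port, sizeof(port), qemu_opt_get(opts, "port"));` context line, which passes the result of the same NULL-returning lookup to a string function. If "port" is not already tested above this hunk, it needs the same treatment, and testing both options together with a single message would cover both cases.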
--
1.5.6.3
--
Best regards,
Jens Osterkamp
--------------------------------------------------------------------------------
IBM Deutschland Research & Development GmbH
Vorsitzender des Aufsichtsrats: Martin Jetter
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294
* Re: [Qemu-devel] [PATCH] qemu-kvm: avoid strlen of NULL pointer
2010-03-03 14:32 [Qemu-devel] [PATCH] qemu-kvm: avoid strlen of NULL pointer Jens Osterkamp
@ 2010-03-27 12:33 ` Aurelien Jarno
0 siblings, 0 replies; 2+ messages in thread
From: Aurelien Jarno @ 2010-03-27 12:33 UTC (permalink / raw)
To: Jens Osterkamp; +Cc: qemu-devel
On Wed, Mar 03, 2010 at 03:32:43PM +0100, Jens Osterkamp wrote:
> If the user wants to create a chardev of type socket but forgets to give a
> host= option, qemu_opt_get returns NULL. This NULL pointer is then fed into
> strlen a few lines below without a check which results in a segfault.
> This fixes it.
While this correctly fixes the segfault, it doesn't output any error
message. The best would probably be to fold that with the test of
"port", as the error message already mentions "host and/or port".
> Signed-off-by: Jens Osterkamp <jens@linux.vnet.ibm.com>
> ---
> qemu-sockets.c | 3 +++
> 1 files changed, 3 insertions(+), 0 deletions(-)
>
> diff --git a/qemu-sockets.c b/qemu-sockets.c
> index 23c3def..a191304 100644
> --- a/qemu-sockets.c
> +++ b/qemu-sockets.c
> @@ -137,6 +137,9 @@ int inet_listen_opts(QemuOpts *opts, int port_offset)
> pstrcpy(port, sizeof(port), qemu_opt_get(opts, "port"));
> addr = qemu_opt_get(opts, "host");
>
> + if (!addr)
> + return -1;
> +
> to = qemu_opt_get_number(opts, "to", 0);
> if (qemu_opt_get_bool(opts, "ipv4", 0))
> ai.ai_family = PF_INET;
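Review bot: The added `if (!addr)` has an unbraced single-statement body. QEMU's CODING_STYLE asks for braces around every indented statement, so the `return -1;` should be wrapped in `{ }` even though it is one line.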
> --
> 1.5.6.3
>
>
> --
> Best regards,
>
> Jens Osterkamp
> --------------------------------------------------------------------------------
> IBM Deutschland Research & Development GmbH
> Vorsitzender des Aufsichtsrats: Martin Jetter
> Geschäftsführung: Dirk Wittkopp
> Sitz der Gesellschaft: Böblingen
> Registergericht: Amtsgericht Stuttgart, HRB 243294
>
>
>
>
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurelien@aurel32.net http://www.aurel32.net
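Added example (not code from the patch or from QEMU): a stand-alone C sketch of the approach suggested in the reply, checking host and port together and reporting an error instead of returning silently. `struct opt`, `opt_get` and `listen_opts_check` are hypothetical stand-ins for QemuOpts, qemu_opt_get and the option handling in inet_listen_opts, and the full message text is an assumption.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a QemuOpts option list (not QEMU's type). */
struct opt { const char *name; const char *value; };

/* Like the lookup described in the thread: NULL when the option is absent. */
static const char *opt_get(const struct opt *opts, size_t n, const char *name)
{
    for (size_t i = 0; i < n; i++) {
        if (strcmp(opts[i].name, name) == 0) {
            return opts[i].value;
        }
    }
    return NULL;
}

/* Validate both required options before any string function touches them.
 * Returns 0 and fills host_len on success; returns -1 and writes a
 * diagnostic into err when either option is missing. */
static int listen_opts_check(const struct opt *opts, size_t n,
                             size_t *host_len, char *err, size_t errlen)
{
    const char *host = opt_get(opts, n, "host");
    const char *port = opt_get(opts, n, "port");

    if (host == NULL || port == NULL) {
        snprintf(err, errlen, "host and/or port not specified");
        return -1;
    }
    *host_len = strlen(host);   /* safe: host was checked above */
    err[0] = '\0';
    return 0;
}

/* Constructed sample inputs: one complete, one with host= forgotten. */
static const struct opt good_opts[] = { { "host", "localhost" }, { "port", "4444" } };
static const struct opt no_host[]   = { { "port", "4444" } };

int main(void)
{
    char err[64];
    size_t len = 0;
    int rc = listen_opts_check(no_host, 1, &len, err, sizeof(err));
    printf("rc=%d err=\"%s\"\n", rc, err);
    rc = listen_opts_check(good_opts, 2, &len, err, sizeof(err));
    printf("rc=%d host_len=%zu\n", rc, len);
    return 0;
}
```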