From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1O1FML-0002OM-3h
	for qemu-devel@nongnu.org; Mon, 12 Apr 2010 04:51:09 -0400
Received: from [140.186.70.92] (port=47027 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1O1FMJ-0002Nn-FH
	for qemu-devel@nongnu.org; Mon, 12 Apr 2010 04:51:08 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.69)
	(envelope-from <jens@linux.vnet.ibm.com>) id 1O1FMH-0003mq-PH
	for qemu-devel@nongnu.org; Mon, 12 Apr 2010 04:51:07 -0400
Received: from mtagate5.uk.ibm.com ([194.196.100.165]:32823)
	by eggs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <jens@linux.vnet.ibm.com>) id 1O1FMH-0003mZ-Hx
	for qemu-devel@nongnu.org; Mon, 12 Apr 2010 04:51:05 -0400
Received: from d06nrmr1707.portsmouth.uk.ibm.com
	(d06nrmr1707.portsmouth.uk.ibm.com [9.149.39.225])
	by mtagate5.uk.ibm.com (8.13.1/8.13.1) with ESMTP id o3C8p3cu005898
	for <qemu-devel@nongnu.org>; Mon, 12 Apr 2010 08:51:03 GMT
Received: from d06av03.portsmouth.uk.ibm.com (d06av03.portsmouth.uk.ibm.com
	[9.149.37.213])
	by d06nrmr1707.portsmouth.uk.ibm.com (8.13.8/8.13.8/NCO v10.0) with
	ESMTP id o3C8p3FD1564838
	for <qemu-devel@nongnu.org>; Mon, 12 Apr 2010 09:51:03 +0100
Received: from d06av03.portsmouth.uk.ibm.com (loopback [127.0.0.1])
	by d06av03.portsmouth.uk.ibm.com (8.12.11.20060308/8.13.3) with ESMTP
	id o3C8p3FM003318
	for <qemu-devel@nongnu.org>; Mon, 12 Apr 2010 09:51:03 +0100
Received: from jens-laptop.localnet (ICON-9-164-166-38.megacenter.de.ibm.com
	[9.164.166.38])
	by d06av03.portsmouth.uk.ibm.com (8.12.11.20060308/8.12.11) with ESMTP
	id o3C8p1AN003278
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
	for <qemu-devel@nongnu.org>; Mon, 12 Apr 2010 09:51:03 +0100
From: Jens Osterkamp <jens@linux.vnet.ibm.com>
Date: Mon, 12 Apr 2010 10:51:01 +0200
MIME-Version: 1.0
Content-Type: text/plain;
  charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <201004121051.02057.jens@linux.vnet.ibm.com>
Subject: [Qemu-devel] [PATCH v2] qemu-kvm: avoid strlen of NULL pointer
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org


If the user wants to create a chardev of type socket but forgets to give a
host= option, qemu_opt_get returns NULL. This NULL pointer is then fed into
strlen a few lines below without a check which results in a segfault.
This fixes it.

Signed-off-by: Jens Osterkamp <jens@linux.vnet.ibm.com>
---
 qemu-sockets.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/qemu-sockets.c b/qemu-sockets.c
index 23c3def..87a79e5 100644
--- a/qemu-sockets.c
+++ b/qemu-sockets.c
@@ -130,7 +130,8 @@ int inet_listen_opts(QemuOpts *opts, int port_offset)
     ai.ai_family = PF_UNSPEC;
     ai.ai_socktype = SOCK_STREAM;
 
-    if (qemu_opt_get(opts, "port") == NULL) {
+    if ((qemu_opt_get(opts, "port") == NULL) ||
+	(qemu_opt_get(opts, "host") == NULL)) {
         fprintf(stderr, "%s: host and/or port not specified\n", __FUNCTION__);
         return -1;
     }
-- 
1.5.6.3