From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from [140.186.70.92] (port=57668 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1PrD4R-0004xO-PP
	for qemu-devel@nongnu.org; Sun, 20 Feb 2011 12:27:44 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <aurelien@aurel32.net>) id 1PrD4Q-0007Y2-JQ
	for qemu-devel@nongnu.org; Sun, 20 Feb 2011 12:27:43 -0500
Received: from hall.aurel32.net ([88.191.126.93]:59067)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <aurelien@aurel32.net>) id 1PrD4Q-0007Xs-Em
	for qemu-devel@nongnu.org; Sun, 20 Feb 2011 12:27:42 -0500
Date: Sun, 20 Feb 2011 18:27:37 +0100
From: Aurelien Jarno <aurelien@aurel32.net>
Subject: Re: [Qemu-devel] [PATCH] qemu-char: Check for missing backend name
Message-ID: <20110220172737.GO18619@volta.aurel32.net>
References: <1295701646-3022-1-git-send-email-stefanha@linux.vnet.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-15
Content-Disposition: inline
In-Reply-To: <1295701646-3022-1-git-send-email-stefanha@linux.vnet.ibm.com>
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Cc: Anthony Liguori <aliguori@us.ibm.com>, qemu-devel@nongnu.org

On Sat, Jan 22, 2011 at 01:07:26PM +0000, Stefan Hajnoczi wrote:
> Check if the backend option is missing before searching the backend
> table.  This fixes a NULL pointer dereference when QEMU is invoked with
> the following invalid command-line:
> 
>   $ qemu -chardev id=foo,path=/tmp/socket
> 
> Previously QEMU would segfault, now it produces this error message:
> 
>   chardev: "foo" missing backend
> 
> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
> ---
>  qemu-char.c |    5 +++++
>  1 files changed, 5 insertions(+), 0 deletions(-)

Thanks, applied.

> diff --git a/qemu-char.c b/qemu-char.c
> index edc9ad6..8a424d6 100644
> --- a/qemu-char.c
> +++ b/qemu-char.c
> @@ -2508,6 +2508,11 @@ CharDriverState *qemu_chr_open_opts(QemuOpts *opts,
>          return NULL;
>      }
>  
> +    if (qemu_opt_get(opts, "backend") == NULL) {
> +        fprintf(stderr, "chardev: \"%s\" missing backend\n",
> +                qemu_opts_id(opts));
> +        return NULL;
> +    }
>      for (i = 0; i < ARRAY_SIZE(backend_table); i++) {
>          if (strcmp(backend_table[i].name, qemu_opt_get(opts, "backend")) == 0)
>              break;
> -- 
> 1.7.2.3
> 
> 
> 

-- 
Aurelien Jarno                          GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net