qemu-devel.nongnu.org archive mirror
* [Qemu-devel] [PATCH] qapi: Fix potential NULL pointer segfault
@ 2012-09-01  7:30 Stefan Weil
  2012-09-03  6:57 ` Paolo Bonzini
  0 siblings, 1 reply; 5+ messages in thread
From: Stefan Weil @ 2012-09-01  7:30 UTC (permalink / raw)
  To: Paolo Bonzini; +Cc: Stefan Weil, qemu-devel

Report from smatch:

qapi-visit.c:1640 visit_type_BlockdevAction(8) error:
 we previously assumed 'obj' could be null (see line 1639)
qapi-visit.c:2432 visit_type_NetClientOptions(8) error:
 we previously assumed 'obj' could be null (see line 2431)

Signed-off-by: Stefan Weil <sw@weilnetz.de>
---
 scripts/qapi-visit.py |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/qapi-visit.py b/scripts/qapi-visit.py
index 2afc5c0..1a669f3 100644
--- a/scripts/qapi-visit.py
+++ b/scripts/qapi-visit.py
@@ -157,7 +157,7 @@ void visit_type_%(name)s(Visitor *m, %(name)s ** obj, const char *name, Error **
     if (!error_is_set(errp)) {
         visit_start_struct(m, (void **)obj, "%(name)s", name, sizeof(%(name)s), &err);
         if (!err) {
-            if (!obj || *obj) {
+            if (obj && *obj) {
                 visit_type_%(name)sKind(m, &(*obj)->kind, "type", &err);
                 if (!err) {
                     switch ((*obj)->kind) {
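
Review bot: At the changed condition, `if (obj && *obj)` now skips the whole union body when `obj` is NULL, whereas the old `if (!obj || *obj)` entered it and then dereferenced `(*obj)->kind`. The commit message only pastes the smatch output; it should state that a NULL `obj` is now a deliberate no-op and whether any visitor is expected to pass one. The context line above still hands `(void **)obj` to `visit_start_struct()` before this check, so it is worth confirming in the same patch that the callee tolerates NULL, or moving the NULL test above that call.
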
-- 
1.7.10


* Re: [Qemu-devel] [PATCH] qapi: Fix potential NULL pointer segfault
  2012-09-01  7:30 [Qemu-devel] [PATCH] qapi: Fix potential NULL pointer segfault Stefan Weil
@ 2012-09-03  6:57 ` Paolo Bonzini
  2012-09-03 16:34   ` Luiz Capitulino
  0 siblings, 1 reply; 5+ messages in thread
From: Paolo Bonzini @ 2012-09-03  6:57 UTC (permalink / raw)
  To: Stefan Weil; +Cc: qemu-devel

On 01/09/2012 09:30, Stefan Weil wrote:
> Report from smatch:
> 
> qapi-visit.c:1640 visit_type_BlockdevAction(8) error:
>  we previously assumed 'obj' could be null (see line 1639)
> qapi-visit.c:2432 visit_type_NetClientOptions(8) error:
>  we previously assumed 'obj' could be null (see line 2431)
> 
> Signed-off-by: Stefan Weil <sw@weilnetz.de>
> ---
>  scripts/qapi-visit.py |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/scripts/qapi-visit.py b/scripts/qapi-visit.py
> index 2afc5c0..1a669f3 100644
> --- a/scripts/qapi-visit.py
> +++ b/scripts/qapi-visit.py
> @@ -157,7 +157,7 @@ void visit_type_%(name)s(Visitor *m, %(name)s ** obj, const char *name, Error **
>      if (!error_is_set(errp)) {
>          visit_start_struct(m, (void **)obj, "%(name)s", name, sizeof(%(name)s), &err);
>          if (!err) {
> -            if (!obj || *obj) {
> +            if (obj && *obj) {
>                  visit_type_%(name)sKind(m, &(*obj)->kind, "type", &err);
>                  if (!err) {
>                      switch ((*obj)->kind) {
> 

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>

Paolo


* Re: [Qemu-devel] [PATCH] qapi: Fix potential NULL pointer segfault
  2012-09-03  6:57 ` Paolo Bonzini
@ 2012-09-03 16:34   ` Luiz Capitulino
  2012-09-03 16:49     ` Stefan Weil
  0 siblings, 1 reply; 5+ messages in thread
From: Luiz Capitulino @ 2012-09-03 16:34 UTC (permalink / raw)
  To: Paolo Bonzini; +Cc: Stefan Weil, qemu-devel

On Mon, 03 Sep 2012 08:57:36 +0200
Paolo Bonzini <pbonzini@redhat.com> wrote:

> On 01/09/2012 09:30, Stefan Weil wrote:
> > Report from smatch:
> > 
> > qapi-visit.c:1640 visit_type_BlockdevAction(8) error:
> >  we previously assumed 'obj' could be null (see line 1639)
> > qapi-visit.c:2432 visit_type_NetClientOptions(8) error:
> >  we previously assumed 'obj' could be null (see line 2431)
> > 
> > Signed-off-by: Stefan Weil <sw@weilnetz.de>
> > ---
> >  scripts/qapi-visit.py |    2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/scripts/qapi-visit.py b/scripts/qapi-visit.py
> > index 2afc5c0..1a669f3 100644
> > --- a/scripts/qapi-visit.py
> > +++ b/scripts/qapi-visit.py
> > @@ -157,7 +157,7 @@ void visit_type_%(name)s(Visitor *m, %(name)s ** obj, const char *name, Error **
> >      if (!error_is_set(errp)) {
> >          visit_start_struct(m, (void **)obj, "%(name)s", name, sizeof(%(name)s), &err);
> >          if (!err) {
> > -            if (!obj || *obj) {
> > +            if (obj && *obj) {
> >                  visit_type_%(name)sKind(m, &(*obj)->kind, "type", &err);
> >                  if (!err) {
> >                      switch ((*obj)->kind) {
> > 
> 
> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>

Is this for 1.2?

Although the fix is pretty obvious, it doesn't seem possible to trigger the
segfault today and I believe we're only accepting true bug fixes at this point
(i.e. two days from the release).


* Re: [Qemu-devel] [PATCH] qapi: Fix potential NULL pointer segfault
  2012-09-03 16:34   ` Luiz Capitulino
@ 2012-09-03 16:49     ` Stefan Weil
  2012-09-03 16:52       ` Luiz Capitulino
  0 siblings, 1 reply; 5+ messages in thread
From: Stefan Weil @ 2012-09-03 16:49 UTC (permalink / raw)
  To: Luiz Capitulino; +Cc: Paolo Bonzini, qemu-devel

On 03.09.2012 18:34, Luiz Capitulino wrote:
> On Mon, 03 Sep 2012 08:57:36 +0200
> Paolo Bonzini <pbonzini@redhat.com> wrote:
>
>> On 01/09/2012 09:30, Stefan Weil wrote:
>>> Report from smatch:
>>>
>>> qapi-visit.c:1640 visit_type_BlockdevAction(8) error:
>>>   we previously assumed 'obj' could be null (see line 1639)
>>> qapi-visit.c:2432 visit_type_NetClientOptions(8) error:
>>>   we previously assumed 'obj' could be null (see line 2431)
>>>
>>> Signed-off-by: Stefan Weil <sw@weilnetz.de>
>>> ---
>>>   scripts/qapi-visit.py |    2 +-
>>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/scripts/qapi-visit.py b/scripts/qapi-visit.py
>>> index 2afc5c0..1a669f3 100644
>>> --- a/scripts/qapi-visit.py
>>> +++ b/scripts/qapi-visit.py
>>> @@ -157,7 +157,7 @@ void visit_type_%(name)s(Visitor *m, %(name)s ** obj, const char *name, Error **
>>>       if (!error_is_set(errp)) {
>>>           visit_start_struct(m, (void **)obj, "%(name)s", name, sizeof(%(name)s), &err);
>>>           if (!err) {
>>> -            if (!obj || *obj) {
>>> +            if (obj && *obj) {
>>>                   visit_type_%(name)sKind(m, &(*obj)->kind, "type", &err);
>>>                   if (!err) {
>>>                       switch ((*obj)->kind) {
>>>
>>
>> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
>
> Is this for 1.2?
>
> Although the fix is pretty obvious, it doesn't seem possible to trigger the
> segfault today and I believe we're only accepting true bug fixes at this point
> (i.e. two days from the release).

As long as nobody has a scenario which triggers the bug,
there is no need to apply that patch before 1.2 is released.

That's why I did not add "for 1.2" to the subject line.

- sw


* Re: [Qemu-devel] [PATCH] qapi: Fix potential NULL pointer segfault
  2012-09-03 16:49     ` Stefan Weil
@ 2012-09-03 16:52       ` Luiz Capitulino
  0 siblings, 0 replies; 5+ messages in thread
From: Luiz Capitulino @ 2012-09-03 16:52 UTC (permalink / raw)
  To: Stefan Weil; +Cc: Paolo Bonzini, qemu-devel

On Mon, 03 Sep 2012 18:49:54 +0200
Stefan Weil <sw@weilnetz.de> wrote:

> On 03.09.2012 18:34, Luiz Capitulino wrote:
> > On Mon, 03 Sep 2012 08:57:36 +0200
> > Paolo Bonzini <pbonzini@redhat.com> wrote:
> >
> >> On 01/09/2012 09:30, Stefan Weil wrote:
> >>> Report from smatch:
> >>>
> >>> qapi-visit.c:1640 visit_type_BlockdevAction(8) error:
> >>>   we previously assumed 'obj' could be null (see line 1639)
> >>> qapi-visit.c:2432 visit_type_NetClientOptions(8) error:
> >>>   we previously assumed 'obj' could be null (see line 2431)
> >>>
> >>> Signed-off-by: Stefan Weil <sw@weilnetz.de>
> >>> ---
> >>>   scripts/qapi-visit.py |    2 +-
> >>>   1 file changed, 1 insertion(+), 1 deletion(-)
> >>>
> >>> diff --git a/scripts/qapi-visit.py b/scripts/qapi-visit.py
> >>> index 2afc5c0..1a669f3 100644
> >>> --- a/scripts/qapi-visit.py
> >>> +++ b/scripts/qapi-visit.py
> >>> @@ -157,7 +157,7 @@ void visit_type_%(name)s(Visitor *m, %(name)s ** obj, const char *name, Error **
> >>>       if (!error_is_set(errp)) {
> >>>           visit_start_struct(m, (void **)obj, "%(name)s", name, sizeof(%(name)s), &err);
> >>>           if (!err) {
> >>> -            if (!obj || *obj) {
> >>> +            if (obj && *obj) {
> >>>                   visit_type_%(name)sKind(m, &(*obj)->kind, "type", &err);
> >>>                   if (!err) {
> >>>                       switch ((*obj)->kind) {
> >>>
> >>
> >> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
> >
> > Is this for 1.2?
> >
> > Although the fix is pretty obvious, it doesn't seem possible to trigger the
> > segfault today and I believe we're only accepting true bug fixes at this point
> > (i.e. two days from the release).
> 
> As long as nobody has a scenario which triggers the bug,
> there is no need to apply that patch before 1.2 is released.
> 
> That's why I did not add "for 1.2" to the subject line.

Applied to qmp-next, thanks.
