[Qemu-devel] [PATCH] sheepdog: fix NULL dereference in sd_create

[Qemu-devel] [PATCH] sheepdog: fix NULL dereference in sd_create

[Liu Yuan]

Following command

qemu-img create -f qcow2 sheepdog:test 20g

will cause core dump because aio_context is NULL in sd_create. We should
initialize it by qemu_get_aio_context() to avoid NULL dereference.

Cc: qemu-devel@nongnu.org
Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Liu Yuan <namei.unix@gmail.com>
---
 block/sheepdog.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/block/sheepdog.c b/block/sheepdog.c
index 1fa1939..47a8b5a 100644
--- a/block/sheepdog.c
+++ b/block/sheepdog.c
@@ -1761,6 +1761,7 @@ static int sd_create(const char *filename, QEMUOptionParameter *options,
         bdrv_unref(bs);
     }
 
+    s->aio_context = qemu_get_aio_context();
     ret = do_sd_create(s, &vid, 0, errp);
     if (ret) {
         goto out;
-- 
1.8.1.2

Re: [Qemu-devel] [PATCH] sheepdog: fix NULL dereference in sd_create

[Stefan Hajnoczi]

[-- Attachment #1: Type: text/plain, Size: 645 bytes --]

On Tue, Jun 17, 2014 at 01:45:35PM +0800, Liu Yuan wrote:
> Following command
> 
> qemu-img create -f qcow2 sheepdog:test 20g
> 
> will cause core dump because aio_context is NULL in sd_create. We should
> initialize it by qemu_get_aio_context() to avoid NULL dereference.
> 
> Cc: qemu-devel@nongnu.org
> Cc: Kevin Wolf <kwolf@redhat.com>
> Cc: Stefan Hajnoczi <stefanha@redhat.com>
> Signed-off-by: Liu Yuan <namei.unix@gmail.com>
> ---
>  block/sheepdog.c | 1 +
>  1 file changed, 1 insertion(+)

Sorry about this, it's my fault.

Thanks, applied to my block tree:
https://github.com/stefanha/qemu/commits/block

Stefan

[-- Attachment #2: Type: application/pgp-signature, Size: 473 bytes --]