From: "Marc-André Lureau" <marcandre.lureau@redhat.com>
To: qemu-devel@nongnu.org
Cc: paolo.bonzini@gmail.com, berrange@redhat.com,
qemu-stable@nongnu.org, eblake@redhat.com, armbru@redhat.com,
"Marc-André Lureau" <marcandre.lureau@redhat.com>
Subject: [Qemu-devel] [PATCH v3 2/3] qapi: fix crash when a parameter is missing
Date: Thu, 22 Sep 2016 22:48:48 +0400 [thread overview]
Message-ID: <20160922184849.30524-3-marcandre.lureau@redhat.com> (raw)
In-Reply-To: <20160922184849.30524-1-marcandre.lureau@redhat.com>
Calling:
{ "execute": "qom-set",
"arguments": { "path": "/machine", "property": "rtc-time" } }
Will crash with:
qapi/qapi-visit-core.c:277: visit_type_any: Assertion `!err != !*obj'
failed
Clear the obj and return an error.
The patch also fixes a similar potential crash in qmp_input_type_null()
by checking qmp_input_get_object() returned a valid qobj.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
---
qapi/qmp-input-visitor.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/qapi/qmp-input-visitor.c b/qapi/qmp-input-visitor.c
index 64dd392..fc91e74 100644
--- a/qapi/qmp-input-visitor.c
+++ b/qapi/qmp-input-visitor.c
@@ -338,6 +338,12 @@ static void qmp_input_type_any(Visitor *v, const char *name, QObject **obj,
QmpInputVisitor *qiv = to_qiv(v);
QObject *qobj = qmp_input_get_object(qiv, name, true);
+ if (!qobj) {
+ error_setg(errp, QERR_MISSING_PARAMETER, name ? name : "null");
+ *obj = NULL;
+ return;
+ }
+
qobject_incref(qobj);
*obj = qobj;
}
@@ -347,6 +353,11 @@ static void qmp_input_type_null(Visitor *v, const char *name, Error **errp)
QmpInputVisitor *qiv = to_qiv(v);
QObject *qobj = qmp_input_get_object(qiv, name, true);
+ if (!qobj) {
+ error_setg(errp, QERR_MISSING_PARAMETER, name ? name : "null");
+ return;
+ }
+
if (qobject_type(qobj) != QTYPE_QNULL) {
error_setg(errp, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
"null");
--
2.10.0
next prev parent reply other threads:[~2016-09-22 18:49 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-09-22 18:48 [Qemu-devel] [PATCH v3 0/3] Fix some qapi assert() Marc-André Lureau
2016-09-22 18:48 ` [Qemu-devel] [PATCH v3 1/3] qmp: fix object-add assert() without props Marc-André Lureau
2016-09-22 18:48 ` Marc-André Lureau [this message]
2016-09-22 18:48 ` [Qemu-devel] [PATCH v3 3/3] tests: start generic qemu-qmp tests Marc-André Lureau
2016-09-22 19:13 ` Eric Blake
2016-09-22 19:23 ` Eric Blake
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160922184849.30524-3-marcandre.lureau@redhat.com \
--to=marcandre.lureau@redhat.com \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=eblake@redhat.com \
--cc=paolo.bonzini@gmail.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-stable@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).