From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:37639)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1VLwFp-0000mx-6l
	for qemu-devel@nongnu.org; Tue, 17 Sep 2013 10:27:55 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1VLwFe-0005QT-N1
	for qemu-devel@nongnu.org; Tue, 17 Sep 2013 10:27:49 -0400
Received: from mx1.redhat.com ([209.132.183.28]:9156)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1VLwFe-0005QE-FU
	for qemu-devel@nongnu.org; Tue, 17 Sep 2013 10:27:38 -0400
Message-ID: <523866DF.1010104@redhat.com>
Date: Tue, 17 Sep 2013 16:27:43 +0200
From: Paolo Bonzini <pbonzini@redhat.com>
MIME-Version: 1.0
References: <1379424752-11456-1-git-send-email-imammedo@redhat.com>
In-Reply-To: <1379424752-11456-1-git-send-email-imammedo@redhat.com>
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH] qdev: fix crash when device_add is called
 with abstract driver
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Igor Mammedov <imammedo@redhat.com>
Cc: Stefan Weil <sw@weilnetz.de>, Wenchao Xia <xiawenc@linux.vnet.ibm.com>, qemu-devel@nongnu.org, Anthony Liguori <anthony@codemonkey.ws>, =?ISO-8859-15?Q?Andreas_F=E4rber?= <afaerber@suse.de>

Il 17/09/2013 15:32, Igor Mammedov ha scritto:
> user is able to crash running QEMU when following monitor
> command is called:
> 
>  device_add intel-hda-generic
> 
> crash is caused by assertion in object_initialize_with_type()
> when type is abstract.
> 
> Checking if type is abstract before instance is created in
> qdev_device_add() allows to prevent crash on incorrect user input.
> 
> Signed-off-by: Igor Mammedov <imammedo@redhat.com>
> ---
>  qdev-monitor.c |    6 ++++++
>  1 files changed, 6 insertions(+), 0 deletions(-)
> 
> diff --git a/qdev-monitor.c b/qdev-monitor.c
> index 410cdcb..bb2e1b6 100644
> --- a/qdev-monitor.c
> +++ b/qdev-monitor.c
> @@ -472,6 +472,12 @@ DeviceState *qdev_device_add(QemuOpts *opts)
>          return NULL;
>      }
>  
> +    if (object_class_is_abstract(obj)) {
> +        qerror_report(QERR_INVALID_PARAMETER_VALUE, "driver",
> +                      "non-abstract device type");
> +        return NULL;
> +    }
> +
>      k = DEVICE_CLASS(obj);
>  
>      /* find bus */
> 

Looks good,

Paolo