From: Alex Jia <ajia(a)redhat.com>
* src/qemu/qemu_process.c: When the `if (qemuDomainObjEndJob(driver, obj) == 0)`
branch is taken, 'obj' is set to NULL, and the subsequent virDomainObjIsActive(obj)
and virDomainObjUnref(obj) calls then dereference a NULL pointer.
Signed-off-by: Alex Jia <ajia(a)redhat.com>
---
src/qemu/qemu_process.c | 32 +++++++++++++++++---------------
1 files changed, 17 insertions(+), 15 deletions(-)
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index bd49b21..9fdf846 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -2661,22 +2661,24 @@ error:
if (qemuDomainObjEndJob(driver, obj) == 0)
obj = NULL;
- if (!virDomainObjIsActive(obj)) {
- if (virDomainObjUnref(obj) > 0)
- virDomainObjUnlock(obj);
- qemuDriverUnlock(driver);
- return;
- }
+ if (obj) {
+ if (!virDomainObjIsActive(obj)) {
+ if (virDomainObjUnref(obj) > 0)
+ virDomainObjUnlock(obj);
+ qemuDriverUnlock(driver);
+ return;
+ }
- if (virDomainObjUnref(obj) > 0) {
- /* We can't get the monitor back, so must kill the VM
- * to remove danger of it ending up running twice if
- * user tries to start it again later */
- qemuProcessStop(driver, obj, 0, VIR_DOMAIN_SHUTOFF_FAILED);
- if (!obj->persistent)
- virDomainRemoveInactive(&driver->domains, obj);
- else
- virDomainObjUnlock(obj);
+ if (virDomainObjUnref(obj) > 0) {
+ /* We can't get the monitor back, so must kill the VM
+ * to remove danger of it ending up running twice if
+ * user tries to start it again later */
+ qemuProcessStop(driver, obj, 0, VIR_DOMAIN_SHUTOFF_FAILED);
+ if (!obj->persistent)
+ virDomainRemoveInactive(&driver->domains, obj);
+ else
+ virDomainObjUnlock(obj);
+ }
}
qemuDriverUnlock(driver);
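Review bot: The new `if (obj)` block keeps the inner `qemuDriverUnlock(driver); return;` from the inactive-domain path even though the block now falls through to the same `qemuDriverUnlock(driver);` at the end of the hunk, so the driver unlock is written twice and the nesting is one level deeper than needed; assuming `qemuDriverUnlock(driver);` is the last statement of the cleanup path (the function starts before the hunk at the `error:` label and its tail is outside it), the two paths can be collapsed into an if/else-if with a single driver unlock. The NULL guard itself is also undocumented at the point of use: a reader of `if (obj) {` has to scroll up to the `obj = NULL` assignment to learn why, so add `/* obj is NULL when qemuDomainObjEndJob() reported it is gone (presumably the last reference was dropped); nothing is left to stop or unlock */` above the guard. Neither change alters which calls are made on obj; they only remove the redundant early return.
```c
    if (obj) {
        if (!virDomainObjIsActive(obj)) {
            if (virDomainObjUnref(obj) > 0)
                virDomainObjUnlock(obj);
        } else if (virDomainObjUnref(obj) > 0) {
            /* … unchanged: qemuProcessStop() and remove-or-unlock of obj … */
        }
    }
    qemuDriverUnlock(driver);
```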
--
1.7.1