[libvirt] [PATCH] qemu: avoid NULL deref on error

* src/qemu/qemu_command.c (qemuParseCommandLineDisk): Report error before cleaning def. --- Pushing under the trivial rule, as this is a blatant NULL deref. src/qemu/qemu_command.c | 5 +++-- 1 files changed, 3 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 3ba0950..1687203 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -4603,9 +4603,10 @@ qemuParseCommandLineDisk(virCapsPtr caps, host = def->src + strlen("nbd:"); port = strchr(host, ':'); if (!port) { - def = NULL; qemuReportError(VIR_ERR_INTERNAL_ERROR, - _("cannot parse nbd filename '%s'"), def->src); + _("cannot parse nbd filename '%s'"), + def->src); + def = NULL; goto cleanup; } *port++ = '\0'; -- 1.7.4
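Review bot: in the `if (!port)` branch, the `def = NULL;` line clears the only reference to the disk definition visible in this hunk, and nothing before `goto cleanup` releases it. Unless the `cleanup` label frees the definition by some other route, this error path leaks `def` and `def->src`. Compare it with the function's other error paths and free the definition before clearing the pointer if they do. A one-line comment that `def->src` has to be read before `def` is cleared would also keep the ordering from being reversed again.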

On Mon, Feb 14, 2011 at 05:34:54PM -0700, Eric Blake wrote:
* src/qemu/qemu_command.c (qemuParseCommandLineDisk): Report error before cleaning def. ---
Pushing under the trivial rule, as this is a blatant NULL deref.
src/qemu/qemu_command.c | 5 +++-- 1 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 3ba0950..1687203 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -4603,9 +4603,10 @@ qemuParseCommandLineDisk(virCapsPtr caps, host = def->src + strlen("nbd:"); port = strchr(host, ':'); if (!port) { - def = NULL; qemuReportError(VIR_ERR_INTERNAL_ERROR, - _("cannot parse nbd filename '%s'"), def->src); + _("cannot parse nbd filename '%s'"), + def->src); + def = NULL; goto cleanup; } *port++ = '\0';
Urgh, thanks Clang! And thanks for running libvirt code through it :-)

Daniel

-- 
Daniel Veillard      | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel@veillard.com  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/