[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH] Fix null pointer dereference in util/fdmon-epoll.c
|
From: |
Daniella Lee |
|
Subject: |
[PATCH] Fix null pointer dereference in util/fdmon-epoll.c |
|
Date: |
Tue, 11 Jan 2022 20:10:59 +0800 |
Orginal qemu commit hash: de3f5223fa4cf8bfc5e3fe1fd495ddf468edcdf7
In util/fdmon-epoll.c, function fdmon_epoll_update, variable "old_node"
maybe NULL with the condition, while it is directly used in the statement and
may lead to null pointer dereferencen problem.
Variable "r" in the condition is the return value of epoll_ctl function,
and will return -1 when failed.
Therefore, the patch added a check and initialized the variable "r".
Signed-off-by: Daniella Lee <daniellalee111@gmail.com>
---
util/fdmon-epoll.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/util/fdmon-epoll.c b/util/fdmon-epoll.c
index e11a8a022e..3c8b0de694 100644
--- a/util/fdmon-epoll.c
+++ b/util/fdmon-epoll.c
@@ -38,10 +38,12 @@ static void fdmon_epoll_update(AioContext *ctx,
.data.ptr = new_node,
.events = new_node ? epoll_events_from_pfd(new_node->pfd.events) : 0,
};
- int r;
+ int r = -1;
if (!new_node) {
- r = epoll_ctl(ctx->epollfd, EPOLL_CTL_DEL, old_node->pfd.fd, &event);
+ if (old_node) {
+ r = epoll_ctl(ctx->epollfd, EPOLL_CTL_DEL, old_node->pfd.fd,
&event);
+ }
} else if (!old_node) {
r = epoll_ctl(ctx->epollfd, EPOLL_CTL_ADD, new_node->pfd.fd, &event);
} else {
--
2.17.1
- [PATCH] Fix null pointer dereference in util/fdmon-epoll.c,
Daniella Lee <=