[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 2/8] block/export: Fix null pointer dereference in error path
|
From: |
Peter Maydell |
|
Subject: |
Re: [PATCH 2/8] block/export: Fix null pointer dereference in error path |
|
Date: |
Fri, 12 May 2023 16:31:10 +0100 |
On Wed, 10 May 2023 at 21:38, Kevin Wolf <kwolf@redhat.com> wrote:
>
> There are some error paths in blk_exp_add() that jump to 'fail:' before
> 'exp' is even created. So we can't just unconditionally access exp->blk.
>
> Add a NULL check, and switch from exp->blk to blk, which is available
> earlier, just to be extra sure that we really cover all cases where
> BlockDevOps could have been set for it (in practice, this only happens
> in drv->create() today, so this part of the change isn't strictly
> necessary).
>
> Fixes: de79b52604e43fdeba6cee4f5af600b62169f2d2
> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
> ---
Coverity noticed this bug, incidentally: CID 1509238.
-- PMM
- [PATCH 0/8] block: Honour graph read lock even in the main thread, Kevin Wolf, 2023/05/10
- [PATCH 2/8] block/export: Fix null pointer dereference in error path, Kevin Wolf, 2023/05/10
- [PATCH 3/8] qcow2: Unlock the graph in qcow2_do_open() where necessary, Kevin Wolf, 2023/05/10
- [PATCH 4/8] qemu-img: Take graph lock more selectively, Kevin Wolf, 2023/05/10
- [PATCH 6/8] test-bdrv-drain: Call bdrv_co_unref() in coroutine context, Kevin Wolf, 2023/05/10
- [PATCH 5/8] test-bdrv-drain: Take graph lock more selectively, Kevin Wolf, 2023/05/10