[Qemu-devel] [PULL 12/17] qemu-char: avoid segfault if user lacks of permisson of a given logfile

[Paolo Bonzini]

From: Lin Ma <address@hidden>

Function qemu_chr_alloc returns NULL if it failed to open logfile by any reason,
says no write permission. For backends tty, stdio and msmouse, They need to
check this return value to avoid segfault in this case.

Signed-off-by: Lin Ma <address@hidden>
Cc: qemu-stable <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
---
 backends/msmouse.c | 3 +++
 qemu-char.c        | 6 ++++++
 2 files changed, 9 insertions(+)

diff --git a/backends/msmouse.c b/backends/msmouse.c
index aeb9055..aceb6dc 100644
--- a/backends/msmouse.c
+++ b/backends/msmouse.c
@@ -159,6 +159,9 @@ static CharDriverState *qemu_chr_open_msmouse(const char 
*id,
     CharDriverState *chr;
 
     chr = qemu_chr_alloc(common, errp);
+    if (!chr) {
+        return NULL;
+    }
     chr->chr_write = msmouse_chr_write;
     chr->chr_close = msmouse_chr_close;
     chr->chr_accept_input = msmouse_chr_accept_input;
diff --git a/qemu-char.c b/qemu-char.c
index 7fa87a8..8826419 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -1230,6 +1230,9 @@ static CharDriverState *qemu_chr_open_stdio(const char 
*id,
     sigaction(SIGCONT, &act, NULL);
 
     chr = qemu_chr_open_fd(0, 1, common, errp);
+    if (!chr) {
+        return NULL;
+    }
     chr->chr_close = qemu_chr_close_stdio;
     chr->chr_set_echo = qemu_chr_set_echo_stdio;
     if (opts->has_signal) {
@@ -1686,6 +1689,9 @@ static CharDriverState *qemu_chr_open_tty_fd(int fd,
 
     tty_serial_init(fd, 115200, 'N', 8, 1);
     chr = qemu_chr_open_fd(fd, fd, backend, errp);
+    if (!chr) {
+        return NULL;
+    }
     chr->chr_ioctl = tty_serial_ioctl;
     chr->chr_close = qemu_chr_close_tty;
     return chr;
-- 
1.8.3.1