qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PATCH v2 2/3] qapi: fix crash when a parameter is missing

From: Marc-André Lureau
Subject: [Qemu-devel] [PATCH v2 2/3] qapi: fix crash when a parameter is missing
Date: Thu, 22 Sep 2016 17:09:04 +0400 
Calling:

{ "execute": "qom-set",
  "arguments": { "path": "/machine", "property": "rtc-time" } }

Will crash with:

qapi/qapi-visit-core.c:277: visit_type_any: Assertion `!err != !*obj'
failed

Clear the obj and return an error.

The patch also fixes a similar potential crash in qmp_input_type_null()
by checking qmp_input_get_object() returned a valid qobj.

Signed-off-by: Marc-André Lureau <address@hidden>
---
 qapi/qmp-input-visitor.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/qapi/qmp-input-visitor.c b/qapi/qmp-input-visitor.c
index 64dd392..fc91e74 100644
--- a/qapi/qmp-input-visitor.c
+++ b/qapi/qmp-input-visitor.c
@@ -338,6 +338,12 @@ static void qmp_input_type_any(Visitor *v, const char 
*name, QObject **obj,
     QmpInputVisitor *qiv = to_qiv(v);
     QObject *qobj = qmp_input_get_object(qiv, name, true);
 
+    if (!qobj) {
+        error_setg(errp, QERR_MISSING_PARAMETER, name ? name : "null");
+        *obj = NULL;
+        return;
+    }
+
     qobject_incref(qobj);
     *obj = qobj;
 }
@@ -347,6 +353,11 @@ static void qmp_input_type_null(Visitor *v, const char 
*name, Error **errp)
     QmpInputVisitor *qiv = to_qiv(v);
     QObject *qobj = qmp_input_get_object(qiv, name, true);
 
+    if (!qobj) {
+        error_setg(errp, QERR_MISSING_PARAMETER, name ? name : "null");
+        return;
+    }
+
     if (qobject_type(qobj) != QTYPE_QNULL) {
         error_setg(errp, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
                    "null");
-- 
2.10.0
reply via email to
[Prev in Thread] Current Thread [Next in Thread]