[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v3 6/8] block: dump_qlist() may dereference a Nu
From: |
Max Reitz |
Subject: |
Re: [Qemu-devel] [PATCH v3 6/8] block: dump_qlist() may dereference a Null pointer |
Date: |
Fri, 12 Oct 2018 17:22:34 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.0 |
On 31.08.18 20:16, Liam Merwick wrote:
> A NULL 'list' passed into function dump_qlist() isn't correctly
> validated and can be passed to qlist_first() where it is dereferenced.
>
> Given that dump_qlist() is static, and callers already do the right
> thing, just add an assert to catch future potential bugs.
>
> Signed-off-by: Liam Merwick <address@hidden>
> Reviewed-by: Eric Blake <address@hidden>
> ---
> block/qapi.c | 2 ++
> 1 file changed, 2 insertions(+)
I don't disagree, but I don't see why the program just wouldn't crash if
someone passed a NULL pointer. And I don't quite see why anyone would
pass a NULL pointer.
Of course it's reasonable to just add an assert() to reinforce the
contract; but we have so many functions that just take a pointer that
they assume to be non-NULL and then immediately dereference it. Nearly
every blk_* function takes a BlockBackend that is always assumed to be
non-NULL, for instance, and I don't really want to put assert()s into
all of them. Or another example: dump_qobject() and dump_qdict() do
exactly the same -- if we added an assertion in dump_qlist(), we would
actually have to add the very same assertions there, too.
So I don't really object this patch (because it's not wrong), but I
don't think it's very useful.
Max
> diff --git a/block/qapi.c b/block/qapi.c
> index c66f949db839..e81be604217c 100644
> --- a/block/qapi.c
> +++ b/block/qapi.c
> @@ -740,6 +740,8 @@ static void dump_qlist(fprintf_function func_fprintf,
> void *f, int indentation,
> const QListEntry *entry;
> int i = 0;
>
> + assert(list);
> +
> for (entry = qlist_first(list); entry; entry = qlist_next(entry), i++) {
> QType type = qobject_type(entry->value);
> bool composite = (type == QTYPE_QDICT || type == QTYPE_QLIST);
>
signature.asc
Description: OpenPGP digital signature
- Re: [Qemu-devel] [PATCH v3 6/8] block: dump_qlist() may dereference a Null pointer,
Max Reitz <=