From: Markus Armbruster
Subject: Re: [PATCH 1/2] Fix the segment fault when calling yank_register_instance
Date: Fri, 26 Mar 2021 15:41:11 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)
Looks like a bug fix. Lukas, can you take care of it in time for 6.0?
Li Zhang <zhlcindy@gmail.com> writes:
> From: Li Zhang <li.zhang@cloud.ionos.com>
>
> When executing the QMP command "chardev-change" to change the
> backend device to socket, it causes a segment fault because
> the function yank_register_instance assumes chr->label is non-NULL.
> The function qmp_chardev_change calls chardev_new, whose label
> is NULL when creating a new chardev. The label is passed to
> yank_register_instance, which causes a segment fault. The call chain
> is as follows:
> chardev_new ->
> qemu_char_open ->
> cc->open ->
> qmp_chardev_open_socket ->
> yank_register_instance
>
> Signed-off-by: Li Zhang <li.zhang@cloud.ionos.com>
> ---
> chardev/char-socket.c | 8 +++++---
> 1 file changed, 5 insertions(+), 3 deletions(-)
>
> diff --git a/chardev/char-socket.c b/chardev/char-socket.c
> index c8bced76b7..26d5172682 100644
> --- a/chardev/char-socket.c
> +++ b/chardev/char-socket.c
> @@ -1421,10 +1421,12 @@ static void qmp_chardev_open_socket(Chardev *chr,
> qemu_chr_set_feature(chr, QEMU_CHAR_FEATURE_FD_PASS);
> }
>
> - if (!yank_register_instance(CHARDEV_YANK_INSTANCE(chr->label), errp)) {
> - return;
> + if (chr->label) {
> + if (!yank_register_instance(CHARDEV_YANK_INSTANCE(chr->label),
> errp)) {
> + return;
> + }
> + s->registered_yank = true;
> }
> - s->registered_yank = true;
>
> /* be isn't opened until we get a connection */
> *be_opened = false;
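Review bot: guarding registration on chr->label means a socket chardev whose label is NULL is created without any yank instance at all, so the chardev-change path avoids the crash but silently loses the yank support the non-NULL path provides, and the root cause named in the commit message (chardev_new passing a NULL label into qemu_char_open) is left in place. Consider setting the label before cc->open runs, or registering the instance once the label is known, instead of making registration conditional; if the conditional stays, the commit message should state that chardevs created this way are not yank-registered. Moving `s->registered_yank = true;` inside the guard is correct, since it keeps the flag consistent with whether registration actually happened.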