Message ID | 20180611070609.9482-1-lma@suse.com |
---|---|
State | New |
Series | [v2] net: Fix a potential segfault |
On 11.06.2018 09:06, Lin Ma wrote: > If user forgets to provide any backend types for '-netdev' in qemu CLI, > It triggers seg fault. > > e.g. > > Expected: > $ qemu -netdev id=net0 > qemu-system-x86_64: Parameter 'type' is missing > > Actual: > $ qemu -netdev id=net0 > Segmentation fault (core dumped) Ok, thanks for adding the description! > Signed-off-by: Lin Ma <lma@suse.com> > --- > net/net.c | 9 ++++++--- > 1 file changed, 6 insertions(+), 3 deletions(-) > > diff --git a/net/net.c b/net/net.c > index efb9eaf779..f89790be4a 100644 > --- a/net/net.c > +++ b/net/net.c > @@ -1093,9 +1093,12 @@ static int net_client_init(QemuOpts *opts, bool is_netdev, Error **errp) > int ret = -1; > Visitor *v = opts_visitor_new(opts); > > - if (is_netdev && is_help_option(qemu_opt_get(opts, "type"))) { > - show_netdevs(); > - exit(0); > + if (is_netdev) { > + const char *type = qemu_opt_get(opts, "type"); > + if (type && is_help_option(type)) { > + show_netdevs(); > + exit(0); > + } > } else { > /* Parse convenience option format ip6-net=fec0::0[/64] */ > const char *ip6_net = qemu_opt_get(opts, "ipv6-net"); > I think you've got to do it in a slightly different way: const char *type = qemu_opt_get(opts, "type"); if (is_netdev && type && is_help_option(type)) { show_netdevs(); exit(0); } else ... otherwise the "else" branch is not entered anymore in case it is a non-help netdev option. Thomas
diff --git a/net/net.c b/net/net.c index efb9eaf779..f89790be4a 100644 --- a/net/net.c +++ b/net/net.c @@ -1093,9 +1093,12 @@ static int net_client_init(QemuOpts *opts, bool is_netdev, Error **errp) int ret = -1; Visitor *v = opts_visitor_new(opts); - if (is_netdev && is_help_option(qemu_opt_get(opts, "type"))) { - show_netdevs(); - exit(0); + if (is_netdev) { + const char *type = qemu_opt_get(opts, "type"); + if (type && is_help_option(type)) { + show_netdevs(); + exit(0); + } } else { /* Parse convenience option format ip6-net=fec0::0[/64] */ const char *ip6_net = qemu_opt_get(opts, "ipv6-net");
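Review bot: In the net_client_init() hunk, nesting the help check inside `if (is_netdev) {` changes when the `else` branch runs. Before, the branch that parses the "ipv6-net" convenience option ran whenever the combined condition was false, including for a netdev whose type is not a help option; now it runs only when is_netdev is false. To fix the NULL argument to is_help_option() without altering that control flow, fetch the value first with `const char *type = qemu_opt_get(opts, "type");` and keep a single condition, `if (is_netdev && type && is_help_option(type)) {`, leaving the `else` attached to it. A short comment noting that "type" may be absent here would also help, since the visible lines do not show where the "Parameter 'type' is missing" error from the commit message is raised.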
If user forgets to provide any backend types for '-netdev' in qemu CLI,
It triggers seg fault.

e.g.

Expected:
$ qemu -netdev id=net0
qemu-system-x86_64: Parameter 'type' is missing

Actual:
$ qemu -netdev id=net0
Segmentation fault (core dumped)

Signed-off-by: Lin Ma <lma@suse.com>
---
 net/net.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)