Message ID | 1270664710-3948-5-git-send-email-lcapitulino@redhat.com |
---|---|
State | New |
diff --git a/monitor.c b/monitor.c index cd350d6..91d7da5 100644 --- a/monitor.c +++ b/monitor.c @@ -4522,6 +4522,9 @@ static void handle_qmp_command(JSONMessageParser *parser, QList *tokens) obj = qdict_get(input, "arguments"); if (!obj) { args = qdict_new(); + } else if (qobject_type(obj) != QTYPE_QDICT) { + qerror_report(QERR_QMP_BAD_INPUT_OBJECT_MEMBER, "arguments", "object"); + goto err_input; } else { args = qobject_to_qdict(obj); QINCREF(args);
Otherwise the following input crashes QEMU:

{ "execute": "migrate", "arguments": "tcp:0:4446" }

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>

---
monitor.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
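
Review bot: the new `else if` branch in handle_qmp_command() takes `goto err_input` before `args` has been assigned, and the hunk does not show how `args` is declared or what the err_input path does with it. Please confirm `args` is initialised to NULL, or that err_input never dereferences or releases it, so that the rejection path does not trade one crash for another. Two smaller points: the commit message says the input crashes QEMU but not why, and a sentence noting that the old `else` branch passed `obj` to qobject_to_qdict() and QINCREF() without checking its type would make the fix self-explanatory. The JSON from the commit message would also make a good regression test for the QMP input path, asserting that a non-object "arguments" member yields QERR_QMP_BAD_INPUT_OBJECT_MEMBER instead of a crash.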