From patchwork Fri Jun 7 15:00:21 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Ivanov X-Patchwork-Id: 1945341 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=virtuozzo.com header.i=@virtuozzo.com header.a=rsa-sha256 header.s=selector2 header.b=uII+oSds; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=patchwork.ozlabs.org) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VwyLW1vG2z20Py for ; Sat, 8 Jun 2024 09:38:11 +1000 (AEST) Received: from [::1] (helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sFb55-0000W6-R8; Fri, 07 Jun 2024 11:00:40 -0400 Received: from [2001:470:142:3::10] (helo=eggs.gnu.org) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sFb53-0000Vf-Vb; Fri, 07 Jun 2024 11:00:38 -0400 Received: from mail-he1eur04on20721.outbound.protection.outlook.com ([2a01:111:f403:260f::721] helo=EUR04-HE1-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sFb51-0007T0-K6; Fri, 07 Jun 2024 11:00:37 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XQRgBIrqzotdY+UKVVgcsNS4ymlj12CkTNgN5NXWiiPiLxuthb1hrgOlr3p6FETPhXLDWBztBUlQRkRRPhS5coCpC31EgyT4+uup+SW+n13AFqYEC014tj6ZZPYRNWq4HoawEuYb18CXLkP3a8CH7ei2QC2az1VqmXlHvrQzbw8SBxwIFtnHfMl9VuV7tGIQE5mRVMlBdcX5sMrRfc4M6NvCd4G4+EdYhJQYxu/T5kXQjSOQdIcHGsO8bxAxdznGQNqHv1iXCFUXGRKFq5xrc//s0MdAVeCcu2giqQilfNIETyGx+FrsvsqZrqED+TAI/laBkOfreVLrN8QK4OBWzQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=rdnHrKrY9dARdDaugMOOW83+AVtVGc9qAaOLohRp5kA=; b=Ht8dHJvpH23tws9K12uKJocn/2WA0b9809G2dYCTferYNzBwIEFsIkgmahpivjQK8Z4maB9hEOfF5x8+Iqo88QEW0Ai7FgNZpucgjCiRZmxdCQcDHsR0sZs5joUUBIvkAIbjDnBDEnmtR5w2MZRKukq2hMJq89oi09A3sMAcCR9snz1OuKGHUNDfAbdpCedQ4ARMbb5piihd3S+opBxLtviJdZfp6OeowunWVp9cYnarrTY8YxGnQ/DzOC9gJpUAxYrx+4giquiF1wH1zBNeAQ6qRikXEz4ypfAkaV39voOngPz4Pv/qeW4VjUEJpmVLWNvuvJTctelCNhHVFd95yA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=virtuozzo.com; dmarc=pass action=none header.from=virtuozzo.com; dkim=pass header.d=virtuozzo.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=virtuozzo.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=rdnHrKrY9dARdDaugMOOW83+AVtVGc9qAaOLohRp5kA=; b=uII+oSdsD0L6GOS+diRJ6lInJW8hYltHCBMvjUZuwz/980zdLgsaWYH/1UkoHXWvmLsg+ynKYArWtoOaF5/6vxh4gvpSYFM9DsoWzbrxK/CiX9sA0wydQQxsfXa0W7cSa69nFyqLxQDQ5NxXipOaZJVJQNjxNFaCXQAcjdxpvQPiATQYm54ukMBJ3l2Eneuh5ySkcxgxJhpqsfe0CgB6D1saZUpeT6nLTUuPK1/40cSNoWQL+HcZ0SCL/nXyybizEnXgHiGBPmYDPdqaSOEEztFmZPNEtLlkFp/i/TTFUgvDqbGRbC4q0phBhH44ufiIAu/LnABHqXfr6yCYeHYFHQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=virtuozzo.com; Received: from VI0PR08MB10743.eurprd08.prod.outlook.com (2603:10a6:800:205::19) by DU0PR08MB9395.eurprd08.prod.outlook.com (2603:10a6:10:422::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7587.35; Fri, 7 Jun 2024 15:00:28 +0000 Received: from VI0PR08MB10743.eurprd08.prod.outlook.com ([fe80::cebf:31ab:1e25:cfb5]) by VI0PR08MB10743.eurprd08.prod.outlook.com ([fe80::cebf:31ab:1e25:cfb5%7]) with mapi id 15.20.7633.033; Fri, 7 Jun 2024 15:00:28 +0000 From: Alexander Ivanov To: qemu-devel@nongnu.org Cc: qemu-block@nongnu.org, den@virtuozzo.com, andrey.drobyshev@virtuozzo.com, eblake@redhat.com, vsementsov@yandex-team.ru, kwolf@redhat.com, hreitz@redhat.com Subject: [PATCH] nbd: Prevent NULL pointer dereference in nbd_blockdev_client_closed() Date: Fri, 7 Jun 2024 17:00:21 +0200 Message-ID: <20240607150021.121536-1-alexander.ivanov@virtuozzo.com> X-Mailer: git-send-email 2.43.0 X-ClientProxiedBy: WA2P291CA0029.POLP291.PROD.OUTLOOK.COM (2603:10a6:1d0:1f::29) To VI0PR08MB10743.eurprd08.prod.outlook.com (2603:10a6:800:205::19) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: VI0PR08MB10743:EE_|DU0PR08MB9395:EE_ X-MS-Office365-Filtering-Correlation-Id: 25190286-e82b-4cec-b2ad-08dc8702917a X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230031|366007|52116005|1800799015|376005|38350700005; X-Microsoft-Antispam-Message-Info: VG4yjAvv0u1WNu6IWgsuSGsZ9ZvqZFvpNJHD2vrYJuMwGTwQyrd4TZJ94vlvmKGwaTElE+CcDlPJQrEX+eD98Izz6uABCLsFRR9c4EXtsVuFPAdGzw6Cy0NojFE5fg8tpLV3+aNJkLtbA4DFxAM3epwsCP+Wp6U0Dcb997sOV6Yns2rJWirQ3QcznJXlrzvVL3ai1q8w2OJYCw+CDq7ESXWu79j+mulr4gb4N8d+1TQPRSy7Cs1RL+U8/nCtIIVQuUjUHslLD+uf/x07ysUgePgpDwzCPbe5Eo5py6eROmpoVwc0tm4yD6mQc09zNo25ZrVokWGwvCQRky6M4NSBv+Rj2HO8Bb6yGv2C7ZA03ZGj2ND0Aek3D6ydHnlEStZNmbGP7nfv0gLEZRu7eSYJcMXYCTxndCavBK2ak9BlgL/Fb9TUdAAggf1fvWoR8LtyxdOZUydnayA83pESLZe9WEjgVJY3F66fYWRhFy0eBSjNRaRtl88oo/o8EgsnMyEtFV8xkWcUQBkXKFwr0fgG2VUCHiFwlFJQzXLq/r0xvAYe0MSLzDwrr3s9xlJ10+gtBk/rhOeSaABaUqqjxyuophWcrKFTTBhcDymhnf0qy34B8m7vRYCXPUdLTC3MpoE8KOpVN/Gc+sUAQDU7+s5a4igZx/mkV+ZGAautv3r0X0G/EaYkY/o35KL6mC2IQBJf92JRFvK19emIY7TR+FhMIV7mxq+IGcnjh4PbLH+2NPslBtu/sKfozo4tK+q7IGbrRTNLE/hgndctj3THdB3jQEL7OPFjcCBtx/Pi/9jaDhhoP0MHCdJL24x9GCl2s35H3a5enAYqeW7yLnYrMwfSpylHrVGNg2aPrAU6hEvDaHjGBd7Trrv1SQ2vY9/G53D2F3nk1FVLOeIdkDqyBKzf8yw63WCCmQ008nJwu7vOYnG5Jkmp/Fz2binElMQPTZ8AL9hyWuNNMbFvnt7xTCUuiGjnRXhQn6/Yy5BAjYjSPTpkUV+QLuQgElr/pgrzdPND9U3en57v0B4KMh4ED0Liw3v2L8jH32nEdRkdZaJArr/8yQuYunXNhHOx+uFMwhObnynBSakigAae7EHPAVdCT2vOM2d0XYQqBcv59X7bvyi0A10iwfCP57km1vLzsX/0KKIQ8h6sPeN98U8fjbeHmhfQ72+pFKIyFJ/JlXO6HQbWXVUE0Jcc/bxu+G95gmcTcHhNmio+8zp4gNSoI8rdbMbmb5j6Cmkb81VaXvMJ0d9rk26ofzkAt5aB6p2yJqNawTKIyW7ksu0pBmxJPwtn8PTAJrtR+IZepWYD43Ul7prr71a+oUpQiZBtcaYorBz52Cbh/OHK80SObewavEd9fZ+GMTG4YuX7m673iN4KozA= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI0PR08MB10743.eurprd08.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(366007)(52116005)(1800799015)(376005)(38350700005); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: cB8UI0cCUV24aHpPgUCPcJaOjmJPdU7v4SGpSvyixATcartbZs50JCrvGXLjzRGA3uiiR7fZmTMrx9Hrgp3c3F7X0vJcNj9qHr3gXgEMPlNdy/5LXeG+et6/V9xeJq70K5xM1PKi4Up105Bl+T2ZqJP7azzA67phIqHQLn3BWC8PFi37VL5JAgLinTljH9vGY7XSejkICJnsrUiVYumUzPcd8ci6gSLl0u37DI8beDhVBvzrel1TVWaNR0b3fi/O/HKMA/WW37Qbkk0EmzS+CacGH+vXASmxHqg34/g276nahSD0wEbPwBca4HbR8HA0NTc7u3JlQfhgIZ8qm8jFSkjao8myF07t7frn0GIcncZbAXMlqEi6q4tpX6wXHBtDJL3Uc2d154JUhFinE4JgMjRd3Wxx9Xc9Ahrs4mKQoZ18lcE2FvVG7x9ughr3LZMAhWz5oSXuCGPt01Ltru5eIcIt5Dqb7T4egsLvg+6CEYmR1M9TSrim6EhwzaOT9CLaSTD3rcgZMX+IIL5VgwB584q/vLlMn2HfweF/SfS9X4PreHFq8kGFWLo3hxdzHUBNDHBf7Wq28bXb2j8fco7LBEdD4OlYB26ifFALO+v5dctAKm7651xE1jD0/9Phx5GXBJu7O1QMKAIsE1uqL9ymgvtfza58QbRrbrYuwbIhlsOW1rhiPnGChjvExyCbgzcIo/8+0N7BU59y05mRKRsIMfBcUxJE6evVDfva+IfrrcUepUZWe04hVZ2rj5yIOqlHuS5dddcXKMJjHhgYDUboUI9vN1VZaGQYiEGYfBzds0WZ1ZP+BEPlBl/U1OG2kBi/iXK/IYA7r40bj2McolexSGer+NhwM2tGkZHO9RIy0immovnNAOGQtfLVv1tIu4zICCYE8kz3Rdg+Sampp5aRPV72vamjcUhM84Ew4VQKZslNg/+BhDa8FePu5D8xqU6dICARcHxWneph/d/SyKx0zOLMqmt/RqSvJsOchAkznHnJNrBdjQnljnCKdtqJDMOyFDwUrFU6pbWgokRelRfdfqRP6QWftlVO7HvY4GfoedQUkpcGnCC4pJSW13NavmjuHH0di6GlxezWdmXp+jh2XQxrRwZSPpmSeGqnSkuSYIHN6TDm0bra24tH09C1qpNV0l4oVBn/QgCMGDdK5qDCVxKXzr0a1CZH86eWm4Facpoo/VDVOYLseIy0GxTo8xRJGGFqdiyj0HU6PA0jHUBcMMijDiSxU3hP96/a/lnGx3u3mX5i0BByoGdWFkKmWTUkx1GvwgDxzZxjUauz+2xDNC7nYIeZVwTBN7Gl8JYTrNIZN5L8I2oNFiwnMo0Ia9a++mRix0sHip1usN7weCq2ah5xAfe4Dz2z286DVyOG1+ehsS8wEXgUWWQO+zrLY0mv8JA4YI7DFeMmM7ZPni+Cttht40My7+4a7n0QbPRNQES518TTh6iFpOrLY/BTTaqKdoSs3mgVQz1Nd4YjoTmgowhKsib9lwEHy6opUZulEZlWyJNaHo8BXtoVsiiTPaDorAAtcYb7j1cqC9BIW9mMkUmjKB/4ejTaSFT+AzjH2J2hYS10UFiwhxpENtO0QhyHcykZhBZvhOg/mRqwBGwCK9GAJ01rUVpl5lMJYQgfZQo= X-OriginatorOrg: virtuozzo.com X-MS-Exchange-CrossTenant-Network-Message-Id: 25190286-e82b-4cec-b2ad-08dc8702917a X-MS-Exchange-CrossTenant-AuthSource: VI0PR08MB10743.eurprd08.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jun 2024 15:00:28.1945 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 0bc7f26d-0264-416e-a6fc-8352af79c58f X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: S9NzZJcSpfUzyc3hHSTbbk/4l+SDmwAk+Um9jgl74pVYMEkFncp+vOVQARGsv9kthMb7YO0HudXD2WNFtTBB92H4K6BJ0ZpO4UW904v/HL8= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU0PR08MB9395 Received-SPF: pass client-ip=2a01:111:f403:260f::721; envelope-from=alexander.ivanov@virtuozzo.com; helo=EUR04-HE1-obe.outbound.protection.outlook.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org In some cases, the NBD server can be stopped before nbd_blockdev_client_closed() is called, causing the nbd_server variable to be nullified. This leads to a NULL pointer dereference when accessing nbd_server. Add a NULL check for nbd_server to the nbd_blockdev_client_closed() function to prevent NULL pointer dereference. Signed-off-by: Alexander Ivanov --- blockdev-nbd.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/blockdev-nbd.c b/blockdev-nbd.c index 213012435f..fb1f30ae0d 100644 --- a/blockdev-nbd.c +++ b/blockdev-nbd.c @@ -52,6 +52,9 @@ int nbd_server_max_connections(void) static void nbd_blockdev_client_closed(NBDClient *client, bool ignored) { nbd_client_put(client); + if (nbd_server == NULL) { + return; + } assert(nbd_server->connections > 0); nbd_server->connections--; nbd_update_server_watch(nbd_server);