From patchwork Thu Sep 14 09:44:16 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?b?0JzQuNGA0L7QvdC+0LIg0KHQtdGA0LPQtdC5INCS0LvQsNC00LjQvNC40YDQvtCy0LjRhw==?= X-Patchwork-Id: 1834238 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=patchwork.ozlabs.org) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4RmcfP4VhTz1yhn for ; Thu, 14 Sep 2023 22:52:13 +1000 (AEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qgloT-0006td-VM; Thu, 14 Sep 2023 08:51:17 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qgj4t-0003kk-JV for qemu-devel@nongnu.org; Thu, 14 Sep 2023 05:56:03 -0400 Received: from exchange.fintech.ru ([195.54.195.159]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1qgj4r-0003qH-W3 for qemu-devel@nongnu.org; Thu, 14 Sep 2023 05:56:03 -0400 Received: from Ex16-02.fintech.ru (10.0.10.19) by exchange.fintech.ru (195.54.195.159) with Microsoft SMTP Server (TLS) id 14.3.498.0; Thu, 14 Sep 2023 12:44:16 +0300 Received: from Ex16-02.fintech.ru (10.0.10.19) by Ex16-02.fintech.ru (10.0.10.19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.4; Thu, 14 Sep 2023 12:44:16 +0300 Received: from Ex16-02.fintech.ru ([fe80::18b6:cd4a:a259:613c]) by Ex16-02.fintech.ru ([fe80::18b6:cd4a:a259:613c%3]) with mapi id 15.01.2242.004; Thu, 14 Sep 2023 12:44:16 +0300 From: =?koi8-r?b?7cnSz87P1yDzxdLHxcog98zBxMnNydLP18ne?= To: "libvirt-security@redhat.com" , "qemu-devel@nongnu.org" , "libvir-list@redhat.com" CC: "sdl.qemu@linuxtesting.org" Subject: [sdl-qemu] [PATCH 1/1] No checks, dereferencing possible Thread-Topic: [sdl-qemu] [PATCH 1/1] No checks, dereferencing possible Thread-Index: AQHZ5u5CEniT5U+quEGn3D2g2r/RJw== Date: Thu, 14 Sep 2023 09:44:16 +0000 Message-ID: <59e6590ea8a04de788f69709ea4c54f8@fintech.ru> Accept-Language: ru-RU, en-US Content-Language: ru-RU X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.0.1.141] MIME-Version: 1.0 Received-SPF: pass client-ip=195.54.195.159; envelope-from=mironov@fintech.ru; helo=exchange.fintech.ru X-Spam_score_int: 13 X-Spam_score: 1.3 X-Spam_bar: + X-Spam_report: (1.3 / 5.0 requ) BAYES_00=-1.9, CHARSET_FARAWAY_HEADER=3.2, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Mailman-Approved-At: Thu, 14 Sep 2023 08:51:14 -0400 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org No checks, dereferencing possible. Return value of a function 'virDomainChrSourceDefNew' is dereferenced at qemu_command.c without checking for NULL, but it is usually checked for this function. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: 1f85f0967b ("ci: jobs.sh: Add back '--no-suite syntax-check --print-errorlogs'") Signed-off-by: Sergey Mironov --- src/qemu/qemu_command.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index e84374b4cf..8d11972c88 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -4698,6 +4698,8 @@ qemuBuildVideoCommandLine(virCommand *cmd, g_autofree char *name = g_strdup_printf("%s-vhost-user", video->info.alias); qemuDomainChrSourcePrivate *chrsrcpriv = QEMU_DOMAIN_CHR_SOURCE_PRIVATE(chrsrc); + if (chrsrc == NULL) + return -1; chrsrc->type = VIR_DOMAIN_CHR_TYPE_UNIX; chrsrcpriv->directfd = qemuFDPassDirectNew(name, &videopriv->vhost_user_fd); -- 2.31.1