qemu-stable
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-stable] [PULL 12/17] qemu-char: avoid segfault if user lacks of pe


From: Paolo Bonzini
Subject: [Qemu-stable] [PULL 12/17] qemu-char: avoid segfault if user lacks of permisson of a given logfile
Date: Thu, 15 Sep 2016 16:21:51 +0200

From: Lin Ma <address@hidden>

Function qemu_chr_alloc returns NULL if it failed to open logfile by any reason,
says no write permission. For backends tty, stdio and msmouse, They need to
check this return value to avoid segfault in this case.

Signed-off-by: Lin Ma <address@hidden>
Cc: qemu-stable <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
---
 backends/msmouse.c | 3 +++
 qemu-char.c        | 6 ++++++
 2 files changed, 9 insertions(+)

diff --git a/backends/msmouse.c b/backends/msmouse.c
index aeb9055..aceb6dc 100644
--- a/backends/msmouse.c
+++ b/backends/msmouse.c
@@ -159,6 +159,9 @@ static CharDriverState *qemu_chr_open_msmouse(const char 
*id,
     CharDriverState *chr;
 
     chr = qemu_chr_alloc(common, errp);
+    if (!chr) {
+        return NULL;
+    }
     chr->chr_write = msmouse_chr_write;
     chr->chr_close = msmouse_chr_close;
     chr->chr_accept_input = msmouse_chr_accept_input;
diff --git a/qemu-char.c b/qemu-char.c
index 7fa87a8..8826419 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -1230,6 +1230,9 @@ static CharDriverState *qemu_chr_open_stdio(const char 
*id,
     sigaction(SIGCONT, &act, NULL);
 
     chr = qemu_chr_open_fd(0, 1, common, errp);
+    if (!chr) {
+        return NULL;
+    }
     chr->chr_close = qemu_chr_close_stdio;
     chr->chr_set_echo = qemu_chr_set_echo_stdio;
     if (opts->has_signal) {
@@ -1686,6 +1689,9 @@ static CharDriverState *qemu_chr_open_tty_fd(int fd,
 
     tty_serial_init(fd, 115200, 'N', 8, 1);
     chr = qemu_chr_open_fd(fd, fd, backend, errp);
+    if (!chr) {
+        return NULL;
+    }
     chr->chr_ioctl = tty_serial_ioctl;
     chr->chr_close = qemu_chr_close_tty;
     return chr;
-- 
1.8.3.1





reply via email to

[Prev in Thread] Current Thread [Next in Thread]