[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-stable] [Qemu-devel] [PATCH v4 2/3] qapi: fix crash when a par
|
From: |
Markus Armbruster |
|
Subject: |
Re: [Qemu-stable] [Qemu-devel] [PATCH v4 2/3] qapi: fix crash when a parameter is missing |
|
Date: |
Wed, 05 Oct 2016 10:18:33 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) |
Markus Armbruster <address@hidden> writes:
> Marc-André Lureau <address@hidden> writes:
>
>> Calling:
>>
>> { "execute": "qom-set",
>> "arguments": { "path": "/machine", "property": "rtc-time" } }
>>
>> Will crash with:
>>
>> qapi/qapi-visit-core.c:277: visit_type_any: Assertion `!err != !*obj'
>> failed
>
> This is actually a recent regression. Let's add "Broken in commit
> 5c678ee." Can do on commit.
>
>> Clear the obj and return an error.
>>
>> The patch also fixes a similar potential crash in qmp_input_type_null()
>> by checking qmp_input_get_object() returned a valid qobj.
>>
>> Signed-off-by: Marc-André Lureau <address@hidden>
>> Reviewed-by: Eric Blake <address@hidden>
I'd like to rephrase like this, if it's all right with you:
qapi: Fix crash when 'any' or 'null' parameter is missing
Unlike the other visit methods, visit_type_any() and visit_type_null()
neglect to check whether qmp_input_get_object() succeeded. They crash
when it fails. Reproducer:
{ "execute": "qom-set",
"arguments": { "path": "/machine", "property": "rtc-time" } }
Will crash with:
qapi/qapi-visit-core.c:277: visit_type_any: Assertion `!err != !*obj'
failed
Broken in commit 5c678ee. Fix by adding the missing error checks.
Also:
Reviewed-by: Markus Armbruster <address@hidden>
- Re: [Qemu-stable] [Qemu-devel] [PATCH v4 2/3] qapi: fix crash when a parameter is missing,
Markus Armbruster <=