Re: [Qemu-devel] [PATCH] filter-mirror: segfault when specifying non existent device

Mon, 21 Aug 2017 18:18:13 -0700 


On 08/21/2017 11:50 PM, Eduardo Otubo wrote:

When using filter-mirror like the example below where the interface
'ndev0' does not exist on the host, QEMU crashes into segmentation
fault.

  $ qemu-system-x86_64 -S -machine pc -netdev user,id=ndev0 -object 
filter-mirror,id=test-object,netdev=ndev0

This happens because the function filter_mirror_setup() does not checks
if the device actually exists and still keep on processing calling
qemu_chr_find(). This patch fixes this issue.

Signed-off-by: Eduardo Otubo <ot...@redhat.com>


Looks good for me.

Reviewed-by: Zhang Chen<zhangchen.f...@cn.fujitsu.com>

Thanks
Zhang Chen


---
  net/filter-mirror.c | 14 +++++++++++---
  1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/net/filter-mirror.c b/net/filter-mirror.c
index 90e2c92337..e18a4b16a0 100644
--- a/net/filter-mirror.c
+++ b/net/filter-mirror.c
@@ -213,14 +213,22 @@ static void filter_mirror_setup(NetFilterState *nf, Error 
**errp)
      MirrorState *s = FILTER_MIRROR(nf);
      Chardev *chr;

  
+    if (s->outdev == NULL) {

+        goto err;
+    }
+
      chr = qemu_chr_find(s->outdev);
+
      if (chr == NULL) {
-        error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND,
-                  "Device '%s' not found", s->outdev);
-        return;
+        goto err;
      }

  
      qemu_chr_fe_init(&s->chr_out, chr, errp);

+
+err:
+    error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND, "Device '%s' not found",
+              nf->netdev_id);
+    return;
  }

  
  static void redirector_rs_finalize(SocketReadState *rs)


--
Thanks
Zhang Chen


























					Reply via email to