On Fri, 2020-07-10 at 11:50 +0200, Max Reitz wrote: > We should check whether the user-specified node-name actually refers to > a node. The simplest way to do that is to use bdrv_lookup_bs() instead > of bdrv_find_node() (the former wraps the latter, and produces an error > message if necessary). > > Reported-by: Coverity (CID 1430268) > Fixes: ced914d0ab9fb2c900f873f6349a0b8eecd1fdbe > Signed-off-by: Max Reitz <mre...@redhat.com> > --- > block/amend.c | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) > > diff --git a/block/amend.c b/block/amend.c > index f4612dcf08..392df9ef83 100644 > --- a/block/amend.c > +++ b/block/amend.c > @@ -69,8 +69,12 @@ void qmp_x_blockdev_amend(const char *job_id, > BlockdevAmendJob *s; > const char *fmt = BlockdevDriver_str(options->driver); > BlockDriver *drv = bdrv_find_format(fmt); > - BlockDriverState *bs = bdrv_find_node(node_name); > + BlockDriverState *bs; > > + bs = bdrv_lookup_bs(NULL, node_name, errp); > + if (!bs) { > + return; > + } > > if (!drv) { > error_setg(errp, "Block driver '%s' not found or not supported", > fmt);
Yep, this looks like a real bug, sorry about that. Reviewed-by: Maxim Levitsky <mlevi...@redhat.com> Best regards, Maxim Levitsky