Re: [Qemu-devel] Possible null-ptr dereference
On 28 July 2014 10:49, Stefan Hajnoczi wrote: > On Mon, Jul 28, 2014 at 06:03:45AM +, Gonglei (Arei) wrote: >> Hi, >> >> Should be easy to fix though. Does the following help? >> >> (Cc'ing Stefan & Kevin) >> >> --> >> xen_disk: fix possible null-ptr dereference >> >> Signed-off-by: Gonglei >> --- >> hw/block/xen_disk.c | 1 + >> 1 file changed, 1 insertion(+) > > This code path can never be reached since protocol is always set to one > of 3 valid values in xen_disk.c. Maybe g_assert_not_reached(); ? thanks -- PMM
Re: [Qemu-devel] Possible null-ptr dereference
> -Original Message- > From: Stefan Hajnoczi [mailto:stefa...@redhat.com] > Sent: Monday, July 28, 2014 5:49 PM > To: Gonglei (Arei) > Cc: mateusz.krzywi...@windowslive.com; qemu-devel@nongnu.org; > kw...@redhat.com > Subject: Re: [Qemu-devel] Possible null-ptr dereference > > On Mon, Jul 28, 2014 at 06:03:45AM +, Gonglei (Arei) wrote: > > Hi, > > > > Should be easy to fix though. Does the following help? > > > > (Cc'ing Stefan & Kevin) > > > > --> > > xen_disk: fix possible null-ptr dereference > > > > Signed-off-by: Gonglei > > --- > > hw/block/xen_disk.c | 1 + > > 1 file changed, 1 insertion(+) > > This code path can never be reached since protocol is always set to one > of 3 valid values in xen_disk.c. Therefore, I'm not merging this for > QEMU 2.1 where we are only taking critical bug fixes now. > OK. > Still, it will help silence static checkers and make the intent clear to > readers. > > Thanks, applied to my block-next tree for QEMU 2.2: > https://github.com/stefanha/qemu/commits/block-next > Thanks. Best regards, -Gonglei
Re: [Qemu-devel] Possible null-ptr dereference
On Mon, Jul 28, 2014 at 06:03:45AM +, Gonglei (Arei) wrote: > Hi, > > Should be easy to fix though. Does the following help? > > (Cc'ing Stefan & Kevin) > > --> > xen_disk: fix possible null-ptr dereference > > Signed-off-by: Gonglei > --- > hw/block/xen_disk.c | 1 + > 1 file changed, 1 insertion(+) This code path can never be reached since protocol is always set to one of 3 valid values in xen_disk.c. Therefore, I'm not merging this for QEMU 2.1 where we are only taking critical bug fixes now. Still, it will help silence static checkers and make the intent clear to readers. Thanks, applied to my block-next tree for QEMU 2.2: https://github.com/stefanha/qemu/commits/block-next Stefan pgpu0OfPHR42l.pgp Description: PGP signature
Re: [Qemu-devel] Possible null-ptr dereference
Hey, Yup, thanks, task closed ;-) Best regards, Mateusz Krzywicki From: arei.gong...@huawei.com To: mateusz.krzywi...@windowslive.com; qemu-devel@nongnu.org CC: stefa...@redhat.com; kw...@redhat.com Subject: RE: [Qemu-devel] Possible null-ptr dereference Date: Mon, 28 Jul 2014 06:03:45 + Hi, Should be easy to fix though. Does the following help? (Cc’ing Stefan & Kevin) --> xen_disk: fix possible null-ptr dereference Signed-off-by: Gonglei --- hw/block/xen_disk.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/block/xen_disk.c b/hw/block/xen_disk.c index aed5b5b..a221d0b 100644 --- a/hw/block/xen_disk.c +++ b/hw/block/xen_disk.c @@ -589,6 +589,7 @@ static int blk_send_response_one(struct ioreq *ioreq) break; default: dst = NULL; +return 0; } memcpy(dst, &resp, sizeof(resp)); blkdev->rings.common.rsp_prod_pvt++; -- Best regards, -Gonglei From: qemu-devel-bounces+arei.gonglei=huawei@nongnu.org [mailto:qemu-devel-bounces+arei.gonglei=huawei@nongnu.org] On Behalf Of mateusz.krzywi...@windowslive.com Sent: Saturday, July 26, 2014 6:52 PM To: qemu-devel@nongnu.org Subject: [Qemu-devel] Possible null-ptr dereference Hey, Found a little bug in latest qemu: In function: static int blk_send_response_one(struct ioreq *ioreq) File: qemu\hw\block\xen_disk.c Code: default: dst = NULL; } memcpy(dst, &resp, sizeof(resp)); Just add simple check for dst and it will be all cool ;-) Best regards, Mateusz Krzywicki
Re: [Qemu-devel] Possible null-ptr dereference
Hi, Should be easy to fix though. Does the following help? (Cc'ing Stefan & Kevin) --> xen_disk: fix possible null-ptr dereference Signed-off-by: Gonglei --- hw/block/xen_disk.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/block/xen_disk.c b/hw/block/xen_disk.c index aed5b5b..a221d0b 100644 --- a/hw/block/xen_disk.c +++ b/hw/block/xen_disk.c @@ -589,6 +589,7 @@ static int blk_send_response_one(struct ioreq *ioreq) break; default: dst = NULL; +return 0; } memcpy(dst, &resp, sizeof(resp)); blkdev->rings.common.rsp_prod_pvt++; -- Best regards, -Gonglei From: qemu-devel-bounces+arei.gonglei=huawei@nongnu.org [mailto:qemu-devel-bounces+arei.gonglei=huawei@nongnu.org] On Behalf Of mateusz.krzywi...@windowslive.com Sent: Saturday, July 26, 2014 6:52 PM To: qemu-devel@nongnu.org Subject: [Qemu-devel] Possible null-ptr dereference Hey, Found a little bug in latest qemu: In function: static int blk_send_response_one(struct ioreq *ioreq) File: qemu\hw\block\xen_disk.c Code: default: dst = NULL; } memcpy(dst, &resp, sizeof(resp)); Just add simple check for dst and it will be all cool ;-) Best regards, Mateusz Krzywicki
[Qemu-devel] Possible null-ptr dereference
Hey, Found a little bug in latest qemu: In function: static int blk_send_response_one(struct ioreq *ioreq) File: qemu\hw\block\xen_disk.c Code: default:dst = NULL;}memcpy(dst, &resp, sizeof(resp)); Just add simple check for dst and it will be all cool ;-) Best regards,Mateusz Krzywicki