netdev_del assumes that it removes a host network device. However, trying to remove a non-host network device with netdev_del will cause a segfault.

The reason is that qmp_netdev_del is not checking for a NULL return from qemu_find_opts_err in case find_list did not find the netdev group to delete. Catch this and return an error.

(qemu) host_net_add user vlan=1,name=con.1,hostfwd=udp::4111-127.0.0.1:4333
(qemu) info network
hub 1
 \ con.1: type=user,net=10.0.2.0,restrict=off
hub 0
 \ user.0: type=user,net=10.0.2.0,restrict=off
 \ e1000.0: type=nic,model=e1000,macaddr=52:54:00:12:34:56
(qemu) netdev_del con.1
Segmentation fault (core dumped)

Signed-off-by: Lei Li <li...@linux.vnet.ibm.com>
--- net.c | 8 +++++++- 1 files changed, 7 insertions(+), 1 deletions(-) diff --git a/net.c b/net.c index ae4bc0d..cc52552 100644 --- a/net.c +++ b/net.c @@ -827,6 +827,7 @@ exit_err: void qmp_netdev_del(const char *id, Error **errp) { NetClientState *nc; + QemuOptsList *opt; nc = qemu_find_netdev(id); if (!nc) { @@ -835,7 +836,12 @@ void qmp_netdev_del(const char *id, Error **errp) } qemu_del_net_client(nc); - qemu_opts_del(qemu_opts_find(qemu_find_opts_err("netdev", errp), id)); + opt = qemu_find_opts_err("netdev", errp); + if (errp) { + error_setg(errp, "Failed to delete %s", id); + return; + } + qemu_opts_del(qemu_opts_find(opt, id)); } void print_net_client(Monitor *mon, NetClientState *nc) -- 1.7.7.6
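
Review bot: In the second hunk, `if (errp)` tests the caller's Error ** pointer rather than the result of the lookup, so the NULL return from qemu_find_opts_err that the commit message describes is not what gets checked. With a non-NULL errp the function returns "Failed to delete" on every call and qemu_opts_del is never reached; with a NULL errp the check is skipped and opt can still be NULL when it is passed to qemu_opts_find. Test the return value instead (`if (!opt)`), or pass a local Error * to qemu_find_opts_err and propagate it to errp. Two related points in the same hunk: error_setg is called on an errp that qemu_find_opts_err may already have filled, and the early return comes after qemu_del_net_client(nc), so on failure the client has already been removed while the caller is told the delete failed. Doing the lookup before qemu_del_net_client avoids that.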