Laszlo Ersek <ler...@redhat.com> writes:

> qemu_opts_parse() can always return NULL, even if the QemuOptsList.desc in
> question would be trivial to satisfy (eg. because it's empty). For
> example:
>
>   qemu_opts_parse()
>     opts_parse()
>       qemu_opts_create()
>         id_wellformed()
>
> In practice:
>
>   $ .../qemu-system-x86_64 -acpitable id=3
>   qemu-system-x86_64: -acpitable id=3: Parameter 'id' expects an identifier
>   **
>   ERROR:vl.c:3491:main: assertion failed: (opts != NULL)
>   Aborted (core dumped)
>
>   $ .../qemu-system-x86_64 -smbios id=3
>   qemu-system-x86_64: -smbios id=3: Parameter 'id' expects an identifier
>   Segmentation fault (core dumped)
>
> I checked all qemu_opts_parse() invocations (and all drive_def()
> invocations too, because it blindly forwards the former's retval). Only
> the two above examples look problematic.
>
> Signed-off-by: Laszlo Ersek <ler...@redhat.com>
Your fix is fine.  I didn't redo your search for other unsafe uses.

Reviewed-by: Markus Armbruster <arm...@redhat.com>
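The failure mode from the commit message, as an added example that is not part of the thread or of QEMU's code: a parser that rejects an ill-formed `id` returns NULL no matter how permissive the option description is, so the caller has to treat NULL as a user error instead of asserting on it or dereferencing it. Every `model_*` name, the single `key=value` argument form and the identifier rule are assumptions of this simplified model.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed identifier rule for this model: a letter first, then letters,
 * digits, '-', '.' or '_'. */
static bool model_id_wellformed(const char *id)
{
    if (!isalpha((unsigned char)id[0])) {
        return false;
    }
    for (size_t i = 1; id[i] != '\0'; i++) {
        if (!isalnum((unsigned char)id[i]) && !strchr("-._", id[i])) {
            return false;
        }
    }
    return true;
}

struct model_opts { char id[32]; };

/* Hypothetical stand-in for the parser: an "id=" value is validated before
 * anything else, so NULL can come back even when no option is required. */
static struct model_opts *model_opts_parse(const char *arg,
                                           struct model_opts *storage)
{
    storage->id[0] = '\0';
    if (strncmp(arg, "id=", 3) == 0) {
        const char *id = arg + 3;
        if (strlen(id) >= sizeof(storage->id) || !model_id_wellformed(id)) {
            fprintf(stderr, "Parameter 'id' expects an identifier\n");
            return NULL;
        }
        strcpy(storage->id, id);
    }
    return storage;
}

/* Caller: NULL means bad user input, so report failure with an exit status
 * rather than assert(opts != NULL) or an unchecked dereference. */
static int model_handle_option(const char *arg)
{
    struct model_opts storage;
    struct model_opts *opts = model_opts_parse(arg, &storage);
    return opts == NULL ? 1 : 0;
}

int main(void) { return model_handle_option("id=3"); }
```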