Hey,

Yup, thanks, task closed ;-)

Best regards,
Mateusz Krzywicki

From: arei.gong...@huawei.com
To: mateusz.krzywi...@windowslive.com; qemu-devel@nongnu.org
CC: stefa...@redhat.com; kw...@redhat.com
Subject: RE: [Qemu-devel] Possible null-ptr dereference
Date: Mon, 28 Jul 2014 06:03:45 +0000

Hi,
 
Should be easy to fix though. Does the following help?
 
(Cc’ing Stefan & Kevin)
 
-->
xen_disk:  fix possible null-ptr dereference

 
Signed-off-by: Gonglei <arei.gong...@huawei.com>
---
hw/block/xen_disk.c | 1 +
1 file changed, 1 insertion(+)
 
diff --git a/hw/block/xen_disk.c b/hw/block/xen_disk.c
index aed5b5b..a221d0b 100644
--- a/hw/block/xen_disk.c
+++ b/hw/block/xen_disk.c
@@ -589,6 +589,7 @@ static int blk_send_response_one(struct ioreq *ioreq)
         break;
     default:
         dst = NULL;
+        return 0;
     }
     memcpy(dst, &resp, sizeof(resp));
     blkdev->rings.common.rsp_prod_pvt++;
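Review bot: In the default: branch, the `dst = NULL;` assignment kept above the new `return 0;` is now a dead store, because nothing reads dst before the function returns; drop it. The early return also skips both the memcpy and the rsp_prod_pvt++ without leaving any trace, so an unhandled switch value is dropped silently; consider reporting an error in that branch, and confirm that 0 is the value callers should see when no response was queued.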
--
 
Best regards,
-Gonglei

From: qemu-devel-bounces+arei.gonglei=huawei....@nongnu.org
[mailto:qemu-devel-bounces+arei.gonglei=huawei....@nongnu.org]
On Behalf Of mateusz.krzywi...@windowslive.com
Sent: Saturday, July 26, 2014 6:52 PM
To: qemu-devel@nongnu.org
Subject: [Qemu-devel] Possible null-ptr dereference

Hey,

Found a little bug in latest qemu:

In function:
static int blk_send_response_one(struct ioreq *ioreq)

File:
qemu\hw\block\xen_disk.c

Code:

    default:
        dst = NULL;
    }
    memcpy(dst, &resp, sizeof(resp));

Just add simple check for dst and it will be all cool ;-)

Best regards,
Mateusz Krzywicki



                                          
