On 02/23/2017 04:46 PM, Eric Blake wrote:
> On 02/23/2017 03:44 PM, Markus Armbruster wrote:
>> The value of key 'arguments' must be a JSON object. qemu-ga neglects
>> to check, and crashes. To reproduce, send
>>
>> { 'execute': 'guest-sync', 'arguments': [] }
>>
>> to qemu-ga.
>>
>> do_qmp_dispatch() uses qdict_get_qdict() to get the arguments. When
>> not a JSON object, this gets a null pointer, which flows through the
>> generated marshalling function to qobject_input_visitor_new(), where
>> it fails the assertion. qmp_dispatch_check_obj() needs to catch this
>> error.
>>
>> QEMU isn't affected, because it runs qmp_check_input_obj() first,
>> which basically duplicates qmp_check_input_obj()'s checks, plus the

This sentence is weird (func A can't duplicate func A's checks; you're missing a func B, but I'm not sure which instance is wrong, nor what B should be).

>> missing one.
>>
>> Fix by copying the missing one from qmp_check_input_obj() to
>> qmp_dispatch_check_obj().
>>
>> Signed-off-by: Markus Armbruster <arm...@redhat.com>
>> Cc: Michael Roth <mdr...@linux.vnet.ibm.com>
>> ---
>> qapi/qmp-dispatch.c | 8 +++++++-
>> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> Reviewed-by: Eric Blake <ebl...@redhat.com>
>

--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
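Added example, not part of the original message or of QEMU's code: a self-contained C model of the failure mode the commit message describes, where a typed getter returns NULL for a non-object 'arguments' value, and of a pre-dispatch check that rejects such a request before it reaches code that asserts on the pointer. The types and the names JValue, JRequest, get_dict and check_request are hypothetical stand-ins, not QEMU's QObject API, and the sample requests are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Simplified model of a parsed JSON request; not QEMU's QObject/QDict. */
typedef enum { J_STRING, J_LIST, J_DICT } JType;
typedef struct { JType type; const char *str; } JValue;
typedef struct { const char *key; const JValue *val; } JMember;
typedef struct { const JMember *members; size_t n; } JRequest;

static const JValue *get(const JRequest *r, const char *key)
{
    for (size_t i = 0; i < r->n; i++)
        if (strcmp(r->members[i].key, key) == 0)
            return r->members[i].val;
    return NULL;
}

/* Typed getter: NULL when the key is absent OR the value is not an object. */
const JValue *get_dict(const JRequest *r, const char *key)
{
    const JValue *v = get(r, key);
    return (v && v->type == J_DICT) ? v : NULL;
}

/* Pre-dispatch check: returns NULL if acceptable, else an error message. */
const char *check_request(const JRequest *r)
{
    const JValue *cmd = get(r, "execute"), *args = get(r, "arguments");
    if (!cmd || cmd->type != J_STRING)
        return "'execute' must be a string";
    if (args && args->type != J_DICT)   /* models the missing type check */
        return "'arguments' must be an object";
    return NULL;
}

/* Constructed sample: { "execute": "guest-sync", "arguments": [] } */
static const JValue cmd_name = { J_STRING, "guest-sync" };
static const JValue list_args = { J_LIST, NULL }, dict_args = { J_DICT, NULL };
static const JMember bad_members[] = { { "execute", &cmd_name }, { "arguments", &list_args } };
static const JMember ok_members[] = { { "execute", &cmd_name }, { "arguments", &dict_args } };
const JRequest bad_request = { bad_members, 2 }, ok_request = { ok_members, 2 };

int main(void)
{
    const char *err = check_request(&bad_request);
    printf("bad: %s\n", err ? err : "accepted");
    err = check_request(&ok_request);
    printf("ok:  %s\n", err ? err : "accepted");
    return 0;
}
```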