On 01/05/2018 08:47 AM, Murilo Opsfelder Araújo wrote:
>>> This patch fixes the segmentation fault in strcmp() by adding a NULL element at
>>> the end of nbd_runtime_opts.desc list, which is the common practice to most of
>>> other structs like runtime_opts in block/null.c. Thus, the desc[i].name != NULL
>>> check becomes safe because it will not evaluate to true when .desc list reached
>>> its end.
>>>
>>> Reported-by: R. Nageswara Sastry <nasas...@in.ibm.com>
>>> Buglink: https://bugs.launchpad.net/qemu/+bug/1727259
>>> Signed-off-by: Murilo Opsfelder Araujo <muri...@linux.vnet.ibm.com>
>>
>> I'll update the commit message to add in the commit id that introduced

Commit 7ccc44fd7, in 2.7.0.

>> the problem, as well as check that other QemuOptsList do not have a
>> similar problem; I'm queueing this on the NBD tree and will submit a
>> pull request soon.
>>
>> Reviewed-by: Eric Blake <ebl...@redhat.com>
>
> Hi, Eric.
>
> A quick look brought my attention to:
>
> block/ssh.c
> 530:static QemuOptsList ssh_runtime_opts = {
>
> I've sent a patch to fix it too.

And my audit matches yours that there were no other culprits besides
those two.

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org
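Added example, not part of the original thread and not QEMU code: a minimal C model of the sentinel-terminated descriptor list the commit message describes, with a lookup that stops only at the NULL element and a bounded audit check for a missing terminator. The type OptDesc, the sample lists and both function names are hypothetical, and the lists are standalone arrays so that their element count is known to the check.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))

/* Hypothetical stand-in for an option descriptor; not QEMU's own type. */
typedef struct {
    const char *name;   /* NULL here marks the end of the list */
    const char *help;
} OptDesc;

/* Constructed sample list, terminated with a NULL element as the patch does. */
static const OptDesc good_opts[] = {
    { "host", "server address" },
    { "port", "server port" },
    { "export", "export name" },
    { NULL, NULL },
};

/* Constructed list with the terminator forgotten; only the bounded check reads it. */
static const OptDesc bad_opts[] = {
    { "host", "server address" },
    { "port", "server port" },
};

/* The sentinel is the loop's only stop condition, so a name that matches
 * nothing walks to the end of the list and relies on the NULL element. */
static const OptDesc *find_opt(const OptDesc *desc, const char *name)
{
    for (size_t i = 0; desc[i].name != NULL; i++) {
        if (strcmp(desc[i].name, name) == 0) {
            return &desc[i];
        }
    }
    return NULL;
}

/* Audit helper: bounded by the real element count, so it is safe to run
 * on a list that lacks its terminator. Returns 1 if the last element is NULL. */
static int opts_terminated(const OptDesc *desc, size_t n)
{
    return n > 0 && desc[n - 1].name == NULL;
}

int main(void)
{
    printf("good terminated: %d\n", opts_terminated(good_opts, ARRAY_SIZE(good_opts)));
    printf("bad terminated:  %d\n", opts_terminated(bad_opts, ARRAY_SIZE(bad_opts)));
    printf("unknown option found: %d\n", find_opt(good_opts, "no-such-option") != NULL);
    return 0;
}
```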