Re: [Qemu-devel] [PATCH v2 6/8] block: dump_qlist() may dereference a Nu

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v2 6/8] block: dump_qlist() may dereference a Nu

From:	Eric Blake
Subject:	Re: [Qemu-devel] [PATCH v2 6/8] block: dump_qlist() may dereference a Null pointer
Date:	Fri, 31 Aug 2018 11:47:45 -0500
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1

On 08/31/2018 11:36 AM, Liam Merwick wrote:

A NULL 'list' passed into function dump_qlist() isn't correctly
validated and can be passed to qlist_first() where it is dereferenced.

Given that  dump_qlist() is static, and callers already do the right


Double space looks odd.

thing, just add an assert to catch future potential bugs.

Signed-off-by: Liam Merwick <address@hidden>
---
  block/qapi.c | 2 ++
  1 file changed, 2 insertions(+)


Reviewed-by: Eric Blake <address@hidden>


diff --git a/block/qapi.c b/block/qapi.c
index c66f949db839..e81be604217c 100644
--- a/block/qapi.c
+++ b/block/qapi.c
@@ -740,6 +740,8 @@ static void dump_qlist(fprintf_function func_fprintf, void 
*f, int indentation,
      const QListEntry *entry;
      int i = 0;

+ assert(list);

+
      for (entry = qlist_first(list); entry; entry = qlist_next(entry), i++) {
          QType type = qobject_type(entry->value);
          bool composite = (type == QTYPE_QDICT || type == QTYPE_QLIST);


--
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH v2 0/8] off-by-one and NULL pointer accesses detected by static analysis, Liam Merwick, 2018/08/31
- [Qemu-devel] [PATCH v2 3/8] block: Null pointer dereference in blk_root_get_parent_desc(), Liam Merwick, 2018/08/31
- [Qemu-devel] [PATCH v2 4/8] qemu-img: potential Null pointer deref in img_commit(), Liam Merwick, 2018/08/31
- [Qemu-devel] [PATCH v2 2/8] job: Fix off-by-one assert checks for JobSTT and JobVerbTable, Liam Merwick, 2018/08/31
- [Qemu-devel] [PATCH v2 8/8] qcow2: Read outside array bounds in qcow2_pre_write_overlap_check(), Liam Merwick, 2018/08/31
  - Re: [Qemu-devel] [PATCH v2 8/8] qcow2: Read outside array bounds in qcow2_pre_write_overlap_check(), Eric Blake, 2018/08/31
- [Qemu-devel] [PATCH v2 1/8] configure: Provide option to explicitly disable AVX2, Liam Merwick, 2018/08/31
- [Qemu-devel] [PATCH v2 6/8] block: dump_qlist() may dereference a Null pointer, Liam Merwick, 2018/08/31
  - Re: [Qemu-devel] [PATCH v2 6/8] block: dump_qlist() may dereference a Null pointer, Eric Blake <=
- [Qemu-devel] [PATCH v2 7/8] io: potential unnecessary check in qio_channel_command_new_spawn(), Liam Merwick, 2018/08/31
  - Re: [Qemu-devel] [PATCH v2 7/8] io: potential unnecessary check in qio_channel_command_new_spawn(), Eric Blake, 2018/08/31
- [Qemu-devel] [PATCH v2 5/8] block: Fix potential Null pointer dereferences in vvfat.c, Liam Merwick, 2018/08/31

Prev by Date: Re: [Qemu-devel] [PATCH 7/8] io: file descriptor not initialized in qio_channel_command_new_spawn()
Next by Date: Re: [Qemu-devel] [PATCH v2 7/8] io: potential unnecessary check in qio_channel_command_new_spawn()
Previous by thread: [Qemu-devel] [PATCH v2 6/8] block: dump_qlist() may dereference a Null pointer
Next by thread: [Qemu-devel] [PATCH v2 7/8] io: potential unnecessary check in qio_channel_command_new_spawn()
Index(es):
- Date
- Thread