diff mbox series

[1/2] migration/rdma: fix potential nullptr access in rdma_start_incoming_migration

Message ID 20200508100755.7875-2-pannengyuan@huawei.com (mailing list archive)
State New, archived
Headers show
Series migration/rdma: fix nullptr-def in rdma_start_incoming_migration | expand

Commit Message

Pan Nengyuan May 8, 2020, 10:07 a.m. UTC 
'rdma' is NULL when taking the first error branch in rdma_start_incoming_migration.
And it will cause a null pointer access in label 'err'. Fix that.

Fixes: 59c59c67ee6b0327ae932deb303caa47919aeb1e
Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
---
 migration/rdma.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

Comments

Juan Quintela May 8, 2020, 7:52 a.m. UTC | #1 
Pan Nengyuan <pannengyuan@huawei.com> wrote:
> 'rdma' is NULL when taking the first error branch in rdma_start_incoming_migration.
> And it will cause a null pointer access in label 'err'. Fix that.
>
> Fixes: 59c59c67ee6b0327ae932deb303caa47919aeb1e
> Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>

Reviewed-by: Juan Quintela <quintela@redhat.com>

good catch.
Peter Maydell May 11, 2020, 9:34 a.m. UTC | #2 
On Fri, 8 May 2020 at 08:53, Juan Quintela <quintela@redhat.com> wrote:
>
> Pan Nengyuan <pannengyuan@huawei.com> wrote:
> > 'rdma' is NULL when taking the first error branch in rdma_start_incoming_migration.
> > And it will cause a null pointer access in label 'err'. Fix that.
> >
> > Fixes: 59c59c67ee6b0327ae932deb303caa47919aeb1e
> > Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
>
> Reviewed-by: Juan Quintela <quintela@redhat.com>

NB: this is CID 1428762.

thanks
-- PMM
Dr. David Alan Gilbert May 29, 2020, 5:21 p.m. UTC | #3 
* Juan Quintela (quintela@redhat.com) wrote:
> Pan Nengyuan <pannengyuan@huawei.com> wrote:
> > 'rdma' is NULL when taking the first error branch in rdma_start_incoming_migration.
> > And it will cause a null pointer access in label 'err'. Fix that.
> >
> > Fixes: 59c59c67ee6b0327ae932deb303caa47919aeb1e
> > Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
> 
> Reviewed-by: Juan Quintela <quintela@redhat.com>
> 
> good catch.

Thanks, Queued

> 
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
diff mbox series

Patch

diff --git a/migration/rdma.c b/migration/rdma.c
index 967fda5b0c..72e8b1c95b 100644
--- a/migration/rdma.c
+++ b/migration/rdma.c
@@ -4056,7 +4056,9 @@  void rdma_start_incoming_migration(const char *host_port, Error **errp)
     return;
 err:
     error_propagate(errp, local_err);
-    g_free(rdma->host);
+    if (rdma) {
+        g_free(rdma->host);
+    }
     g_free(rdma);
     g_free(rdma_return_path);
 }