
qemu-char: avoid segfault if user lacks of permisson of a given logfile

Message ID 20160914062250.22226-1-lma@suse.com (mailing list archive)
State New, archived

Commit Message

Lin Ma Sept. 14, 2016, 6:22 a.m. UTC
qemu_chr_alloc returns NULL if it fails to open the logfile for any reason,
for example when the user has no write permission. The tty, stdio and msmouse
backends need to check this return value to avoid a segfault in this case.

Signed-off-by: Lin Ma <lma@suse.com>
---
 backends/msmouse.c | 3 +++
 qemu-char.c        | 6 ++++++
 2 files changed, 9 insertions(+)

Comments

Paolo Bonzini Sept. 14, 2016, 11:27 a.m. UTC | #1
On 14/09/2016 08:22, Lin Ma wrote:
> Function qemu_chr_alloc returns NULL if it failed to open logfile by any reason,
> says no write permission. For backends tty, stdio and msmouse, They need to
> check this return value to avoid segfault in this case.
> 
> Signed-off-by: Lin Ma <lma@suse.com>
> ---
>  backends/msmouse.c | 3 +++
>  qemu-char.c        | 6 ++++++
>  2 files changed, 9 insertions(+)
> 
> diff --git a/backends/msmouse.c b/backends/msmouse.c
> index aeb9055..aceb6dc 100644
> --- a/backends/msmouse.c
> +++ b/backends/msmouse.c
> @@ -159,6 +159,9 @@ static CharDriverState *qemu_chr_open_msmouse(const char *id,
>      CharDriverState *chr;
>  
>      chr = qemu_chr_alloc(common, errp);
> +    if (!chr) {
> +        return NULL;
> +    }
>      chr->chr_write = msmouse_chr_write;
>      chr->chr_close = msmouse_chr_close;
>      chr->chr_accept_input = msmouse_chr_accept_input;
> diff --git a/qemu-char.c b/qemu-char.c
> index 5f82ebb..fdb23f5 100644
> --- a/qemu-char.c
> +++ b/qemu-char.c
> @@ -1223,6 +1223,9 @@ static CharDriverState *qemu_chr_open_stdio(const char *id,
>      sigaction(SIGCONT, &act, NULL);
>  
>      chr = qemu_chr_open_fd(0, 1, common, errp);
> +    if (!chr) {
> +        return NULL;
> +    }
>      chr->chr_close = qemu_chr_close_stdio;
>      chr->chr_set_echo = qemu_chr_set_echo_stdio;
>      if (opts->has_signal) {
> @@ -1679,6 +1682,9 @@ static CharDriverState *qemu_chr_open_tty_fd(int fd,
>  
>      tty_serial_init(fd, 115200, 'N', 8, 1);
>      chr = qemu_chr_open_fd(fd, fd, backend, errp);
> +    if (!chr) {
> +        return NULL;
> +    }
>      chr->chr_ioctl = tty_serial_ioctl;
>      chr->chr_close = qemu_chr_close_tty;
>      return chr;
> 

Cc: qemu-stable <qemu-stable@nongnu.org>

Queued for 2.8, thanks.

Patch

diff --git a/backends/msmouse.c b/backends/msmouse.c
index aeb9055..aceb6dc 100644
--- a/backends/msmouse.c
+++ b/backends/msmouse.c
@@ -159,6 +159,9 @@  static CharDriverState *qemu_chr_open_msmouse(const char *id,
     CharDriverState *chr;
 
     chr = qemu_chr_alloc(common, errp);
+    if (!chr) {
+        return NULL;
+    }
     chr->chr_write = msmouse_chr_write;
     chr->chr_close = msmouse_chr_close;
     chr->chr_accept_input = msmouse_chr_accept_input;
diff --git a/qemu-char.c b/qemu-char.c
index 5f82ebb..fdb23f5 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -1223,6 +1223,9 @@  static CharDriverState *qemu_chr_open_stdio(const char *id,
     sigaction(SIGCONT, &act, NULL);
 
     chr = qemu_chr_open_fd(0, 1, common, errp);
+    if (!chr) {
+        return NULL;
+    }
     chr->chr_close = qemu_chr_close_stdio;
     chr->chr_set_echo = qemu_chr_set_echo_stdio;
     if (opts->has_signal) {
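Review bot: The early `return NULL` added after `qemu_chr_open_fd(0, 1, common, errp)` leaves in place whatever the function set up before that call; the `sigaction(SIGCONT, &act, NULL)` on the context line above has already installed the handler by then. The start of qemu_chr_open_stdio is outside the hunk, so it is not visible whether terminal or descriptor state is also changed earlier. If it is, a failed open in a process that keeps running would presumably leave stdin in that state with no device using it. Either roll that setup back before returning, or record the intent at the check, e.g. `/* errp is set; stdio setup above is not rolled back */`.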
@@ -1679,6 +1682,9 @@  static CharDriverState *qemu_chr_open_tty_fd(int fd,
 
     tty_serial_init(fd, 115200, 'N', 8, 1);
     chr = qemu_chr_open_fd(fd, fd, backend, errp);
+    if (!chr) {
+        return NULL;
+    }
     chr->chr_ioctl = tty_serial_ioctl;
     chr->chr_close = qemu_chr_close_tty;
     return chr;
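Review bot: On the new failure path in qemu_chr_open_tty_fd the descriptor `fd` is neither closed nor attached to a CharDriverState, and `tty_serial_init(fd, 115200, 'N', 8, 1)` has already reconfigured the line by then. The caller is outside the hunk, so ownership cannot be confirmed from here. If the caller expects this function to take ownership of `fd`, the descriptor leaks each time the logfile cannot be opened. In that case the check should release it, `if (!chr) { close(fd); return NULL; }`; otherwise a comment such as `/* caller still owns fd on failure */` would make the contract explicit.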