From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:52260)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1bk8MB-0004KA-4G
	for qemu-devel@nongnu.org; Wed, 14 Sep 2016 07:28:00 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1bk8M6-0007ja-JL
	for qemu-devel@nongnu.org; Wed, 14 Sep 2016 07:27:59 -0400
References: <20160914062250.22226-1-lma@suse.com>
From: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <387dc626-4081-26ed-078c-82d4513ff549@redhat.com>
Date: Wed, 14 Sep 2016 13:27:50 +0200
MIME-Version: 1.0
In-Reply-To: <20160914062250.22226-1-lma@suse.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH] qemu-char: avoid segfault if user lacks of
 permisson of a given logfile
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Lin Ma <lma@suse.com>, qemu-devel@nongnu.org
Cc: berrange@redhat.com, qemu-stable <qemu-stable@nongnu.org>



On 14/09/2016 08:22, Lin Ma wrote:
> Function qemu_chr_alloc returns NULL if it failed to open logfile by any reason,
> says no write permission. For backends tty, stdio and msmouse, They need to
> check this return value to avoid segfault in this case.
> 
> Signed-off-by: Lin Ma <lma@suse.com>
> ---
>  backends/msmouse.c | 3 +++
>  qemu-char.c        | 6 ++++++
>  2 files changed, 9 insertions(+)
> 
> diff --git a/backends/msmouse.c b/backends/msmouse.c
> index aeb9055..aceb6dc 100644
> --- a/backends/msmouse.c
> +++ b/backends/msmouse.c
> @@ -159,6 +159,9 @@ static CharDriverState *qemu_chr_open_msmouse(const char *id,
>      CharDriverState *chr;
>  
>      chr = qemu_chr_alloc(common, errp);
> +    if (!chr) {
> +        return NULL;
> +    }
>      chr->chr_write = msmouse_chr_write;
>      chr->chr_close = msmouse_chr_close;
>      chr->chr_accept_input = msmouse_chr_accept_input;
> diff --git a/qemu-char.c b/qemu-char.c
> index 5f82ebb..fdb23f5 100644
> --- a/qemu-char.c
> +++ b/qemu-char.c
> @@ -1223,6 +1223,9 @@ static CharDriverState *qemu_chr_open_stdio(const char *id,
>      sigaction(SIGCONT, &act, NULL);
>  
>      chr = qemu_chr_open_fd(0, 1, common, errp);
> +    if (!chr) {
> +        return NULL;
> +    }
>      chr->chr_close = qemu_chr_close_stdio;
>      chr->chr_set_echo = qemu_chr_set_echo_stdio;
>      if (opts->has_signal) {
> @@ -1679,6 +1682,9 @@ static CharDriverState *qemu_chr_open_tty_fd(int fd,
>  
>      tty_serial_init(fd, 115200, 'N', 8, 1);
>      chr = qemu_chr_open_fd(fd, fd, backend, errp);
> +    if (!chr) {
> +        return NULL;
> +    }
>      chr->chr_ioctl = tty_serial_ioctl;
>      chr->chr_close = qemu_chr_close_tty;
>      return chr;
> 

Cc: qemu-stable <qemu-stable@nongnu.org>

Queued for 2.8, thanks.