[Qemu-devel] PATCH: Avoid SEGV in IOHandler dispatch
From: Daniel P. Berrange
Subject: [Qemu-devel] PATCH: Avoid SEGV in IOHandler dispatch
Date: Mon, 13 Aug 2007 20:06:41 +0100
User-agent: Mutt/1.4.1i
The code in main_loop_wait() which handles dispatching of IOHandlers only
checks the 'deleted' flag once per iteration. If a handler was registered
for both read & write events initially, and the read callback removes the
handler, then the write callback will be set to NULL. If select() reported
that there was a write event pending as well, then this will lead to QEMU
crashing when trying to invoke the NULL write callback. A similar problem
occurs if the handler was registered for read+write, and the read handler
updates it to only select for read in the future - the write callback will
be set to NULL. The attached patch adds necessary checks to protect against
this problem.
Signed-off-by: Daniel P. Berrange <address@hidden>
Regards,
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules: http://search.cpan.org/~danberr/ -=|
|=- Projects: http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
iohandler-delete.patch
Description: Text document
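
The dispatch problem described in the message, as an added example; this is not the attached patch and not QEMU's code. The record layout, the callback names and `dispatch()` are hypothetical simplifications, and the sample scenario is constructed.

```c
#include <stddef.h>
#include <stdio.h>
/* Hypothetical, simplified handler record; not QEMU's actual structure. */
typedef void IOHandlerFn(void *opaque);
typedef struct IOHandlerRec {
    IOHandlerFn *fd_read, *fd_write;
    int deleted;
    void *opaque;
} IOHandlerRec;

/* Read callback that removes its own handler: both callbacks become NULL. */
static void read_then_remove(void *opaque) {
    IOHandlerRec *h = opaque;
    h->deleted = 1;
    h->fd_read = h->fd_write = NULL;
}
/* Read callback that re-registers for read only: fd_write becomes NULL. */
static void read_then_narrow(void *opaque) { ((IOHandlerRec *)opaque)->fd_write = NULL; }
static void read_noop(void *opaque) { (void)opaque; }
static void on_write(void *opaque) { (void)opaque; }

/* Dispatch one handler; returns how many callbacks were invoked. */
static int dispatch(IOHandlerRec *h, int readable, int writable) {
    int calls = 0;
    if (h->deleted) return 0;
    if (readable && h->fd_read) {
        h->fd_read(h->opaque);
        calls++;
    }
    /* fd_read may have changed the record: checking 'deleted' only at the
     * top would call a NULL fd_write here, so test both again. */
    if (writable && !h->deleted && h->fd_write) {
        h->fd_write(h->opaque);
        calls++;
    }
    return calls;
}
/* Constructed scenario: select() reported read and write on the same fd. */
static int scenario(IOHandlerFn *rd) {
    IOHandlerRec h = { rd, on_write, 0, NULL };
    h.opaque = &h;
    return dispatch(&h, 1, 1);
}

int main(void) {
    printf("%d %d %d\n", scenario(read_then_remove),
           scenario(read_then_narrow), scenario(read_noop));
    return 0;
}
```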