qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PATCH 30/43] hmp: do not crash on invalid SCSI hotplug

From: Michael Roth
Subject: [Qemu-devel] [PATCH 30/43] hmp: do not crash on invalid SCSI hotplug
Date: Mon, 3 Dec 2012 16:25:46 -0600 
From: Paolo Bonzini <address@hidden>

Commit 0d93692 (qdev: Convert busses to QEMU Object Model, 2012-05-02)
removed a check on the type of the bus where a SCSI disk is hotplugged.
However, hot-plugging to the wrong kind of device now causes a crash
due to either a NULL pointer dereference (avoided by the previous patch)
or a failed QOM cast.

Instead, in this case we need to use object_dynamic_cast and check for
the result, similar to what was done before that commit.

Reported-by: Markus Armbruster <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
Signed-off-by: Anthony Liguori <address@hidden>
(cherry picked from commit b5007bcc9729acd995518c52eb1038c4d8416b5d)

Signed-off-by: Michael Roth <address@hidden>
---
 hw/pci-hotplug.c |    8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/hw/pci-hotplug.c b/hw/pci-hotplug.c
index e7fb780..0ca5546 100644
--- a/hw/pci-hotplug.c
+++ b/hw/pci-hotplug.c
@@ -80,7 +80,13 @@ static int scsi_hot_add(Monitor *mon, DeviceState *adapter,
     SCSIBus *scsibus;
     SCSIDevice *scsidev;
 
-    scsibus = SCSI_BUS(QLIST_FIRST(&adapter->child_bus));
+    scsibus = (SCSIBus *)
+        object_dynamic_cast(OBJECT(QLIST_FIRST(&adapter->child_bus)),
+                            TYPE_SCSI_BUS);
+    if (!scsibus) {
+       error_report("Device is not a SCSI adapter");
+       return -1;
+    }
 
     /*
      * drive_init() tries to find a default for dinfo->unit.  Doesn't
-- 
1.7.9.5
reply via email to
[Prev in Thread] Current Thread [Next in Thread]