[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH v4 26/30] savevm: fix potential segfault on invalid
|
From: |
Michael S. Tsirkin |
|
Subject: |
[Qemu-devel] [PATCH v4 26/30] savevm: fix potential segfault on invalid state |
|
Date: |
Mon, 31 Mar 2014 17:17:40 +0300 |
savevm will segfault if version_id < vmsd->minimum_version_id &&
version_id >= vmsd->minimum_version_id_old
This calls through a NULL pointer. This is a bug (should
exit not crash).
Reviewed-by: Andreas Färber <address@hidden>
Signed-off-by: Michael S. Tsirkin <address@hidden>
---
vmstate.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/vmstate.c b/vmstate.c
index e1e9cae..5451fd2 100644
--- a/vmstate.c
+++ b/vmstate.c
@@ -67,6 +67,9 @@ int vmstate_load_state(QEMUFile *f, const VMStateDescription
*vmsd,
return -EINVAL;
}
if (version_id < vmsd->minimum_version_id) {
+ if (!vmsd->load_state_old) {
+ return -EINVAL;
+ }
return vmsd->load_state_old(f, opaque, version_id);
}
if (vmsd->pre_load) {
--
MST
- [Qemu-devel] [PATCH v4 21/30] ssd0323: fix buffer overun on invalid state load, (continued)
- [Qemu-devel] [PATCH v4 21/30] ssd0323: fix buffer overun on invalid state load, Michael S. Tsirkin, 2014/03/31
- [Qemu-devel] [PATCH v4 20/30] ssi-sd: fix buffer overrun on invalid state load, Michael S. Tsirkin, 2014/03/31
- [Qemu-devel] [PATCH v4 23/30] zaurus: fix buffer overrun on invalid state load, Michael S. Tsirkin, 2014/03/31
- [Qemu-devel] [PATCH v4 22/30] tsc210x: fix buffer overrun on invalid state load, Michael S. Tsirkin, 2014/03/31
- [Qemu-devel] [PATCH v4 24/30] usb: sanity check setup_index+setup_len in post_load, Michael S. Tsirkin, 2014/03/31
- [Qemu-devel] [PATCH v4 25/30] virtio-scsi: fix buffer overrun on invalid state load, Michael S. Tsirkin, 2014/03/31
- [Qemu-devel] [PATCH v4 26/30] savevm: fix potential segfault on invalid state,
Michael S. Tsirkin <=
- [Qemu-devel] [PATCH v4 27/30] vmxnet3: validate interrupt indices coming from guest, Michael S. Tsirkin, 2014/03/31
- [Qemu-devel] [PATCH v4 28/30] vmxnet3: validate interrupt indices read on migration, Michael S. Tsirkin, 2014/03/31
- [Qemu-devel] [PATCH v4 29/30] vmxnet3: validate queues configuration coming from quest, Michael S. Tsirkin, 2014/03/31
- [Qemu-devel] [PATCH v4 30/30] vmxnet3: validate queues configuration read on migration, Michael S. Tsirkin, 2014/03/31
- [Qemu-devel] [PATCH v4 08/30] ahci: fix buffer overrun on invalid state load, Michael S. Tsirkin, 2014/03/31