
From: Andreas Färber
Subject: Re: [Qemu-devel] [PATCH v2] qmp: object-add: Validate class before creating object
Date: Fri, 25 Apr 2014 17:57:12 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0

On 25.04.2014 17:12, Luiz Capitulino wrote:
> On Wed, 16 Apr 2014 14:39:38 -0300
> Eduardo Habkost <address@hidden> wrote:
> 
>> Currently it is very easy to crash QEMU by issuing an object-add command
>> using an abstract class or a class that doesn't support
>> TYPE_USER_CREATABLE as parameter.
>>
>> Example: with the following QMP command:
>>
>>     (QEMU) object-add qom-type=cpu id=foo
>>
>> QEMU aborts at:
>>
>>     ERROR:qom/object.c:335:object_initialize_with_type: assertion failed: 
>> (type->abstract == false)
>>
>> This patch moves the check for TYPE_USER_CREATABLE before object_new(),
>> and adds a check to prevent the code from trying to instantiate abstract
>> classes.
>>
>> Signed-off-by: Eduardo Habkost <address@hidden>
> 
> Applied to the qmp branch, thanks Eduardo.
> 
>> ---
>> Changes v2:
>>  * Change ordering: first check for TYPE_USER_CREATABLE and then check
>>    if class is abstract. This makes the ordering of checks closer to
>>    what's already done on device_add.
>> ---
>>  qmp.c | 21 ++++++++++++++-------
>>  1 file changed, 14 insertions(+), 7 deletions(-)
>>
>> diff --git a/qmp.c b/qmp.c
>> index 87a28f7..9a93ab1 100644
>> --- a/qmp.c
>> +++ b/qmp.c
>> @@ -540,14 +540,27 @@ void object_add(const char *type, const char *id, 
>> const QDict *qdict,
>>                  Visitor *v, Error **errp)
>>  {
>>      Object *obj;
>> +    ObjectClass *klass;

Luiz, can you rename klass to oc please?

Thanks,
Andreas

>>      const QDictEntry *e;
>>      Error *local_err = NULL;
>>  
>> -    if (!object_class_by_name(type)) {
>> +    klass = object_class_by_name(type);
>> +    if (!klass) {
>>          error_setg(errp, "invalid class name");
>>          return;
>>      }
>>  
>> +    if (!object_class_dynamic_cast(klass, TYPE_USER_CREATABLE)) {
>> +        error_setg(errp, "object type '%s' isn't supported by object-add",
>> +                   type);
>> +        return;
>> +    }
>> +
>> +    if (object_class_is_abstract(klass)) {
>> +        error_setg(errp, "object type '%s' is abstract", type);
>> +        return;
>> +    }
>> +
>>      obj = object_new(type);
>>      if (qdict) {
>>          for (e = qdict_first(qdict); e; e = qdict_next(qdict, e)) {
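
Review bot: The unchanged `if (!klass)` branch at the top of this hunk still reports a bare "invalid class name" without the rejected name, while the two checks added directly below it both format `type` into the message. Since the branch is already being touched, consider something like error_setg(errp, "invalid class name '%s'", type); so a QMP client sees the offending qom-type in all three failure cases. A one-line comment above the new checks saying they must stay ahead of object_new() (because object_new() asserts on abstract types, per the commit message) would also keep a later reorder from reintroducing the abort.
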
>> @@ -558,12 +571,6 @@ void object_add(const char *type, const char *id, const 
>> QDict *qdict,
>>          }
>>      }
>>  
>> -    if (!object_dynamic_cast(obj, TYPE_USER_CREATABLE)) {
>> -        error_setg(&local_err, "object type '%s' isn't supported by 
>> object-add",
>> -                   type);
>> -        goto out;
>> -    }
>> -
>>      user_creatable_complete(obj, &local_err);
>>      if (local_err) {
>>          goto out;
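
Review bot: With the post-creation object_dynamic_cast() check removed here, the only guard left is the pre-creation one, and the diffstat shows qmp.c as the only file changed, so nothing in this patch exercises the new error paths. Consider adding a test that sends the reproducer from the commit message (object-add qom-type=cpu id=foo) plus a concrete type that does not implement TYPE_USER_CREATABLE, and checks that each returns a QMP error instead of aborting the process.
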
> 
> 


-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg


