Re: [Qemu-devel] Possible null-ptr dereference

[Gonglei (Arei)]

Hi,

 

Should be easy to fix though. Does the following help?

 

(Cc’ing Stefan & Kevin)

 

-->

xen_disk:  fix possible null-ptr dereference

 

Signed-off-by: Gonglei <address@hidden>

---

hw/block/xen_disk.c | 1 +

1 file changed, 1 insertion(+)

 

diff --git a/hw/block/xen_disk.c b/hw/block/xen_disk.c

index aed5b5b..a221d0b 100644

--- a/hw/block/xen_disk.c

+++ b/hw/block/xen_disk.c

@@ -589,6 +589,7 @@ static int blk_send_response_one(struct ioreq *ioreq)

         break;

     default:

         dst = NULL;

+        return 0;

     }

     memcpy(dst, &resp, sizeof(resp));

     blkdev->rings.common.rsp_prod_pvt++;

--

 

Best regards,

-Gonglei

 

From: qemu-devel-bounces+address@hidden [mailto:qemu-devel-bounces+address@hidden On Behalf Of address@hidden
Sent: Saturday, July 26, 2014 6:52 PM
To: address@hidden
Subject: [Qemu-devel] Possible null-ptr dereference

 

Hey,

 

Found a little bug in latest qemu:

 

In function: 

static int blk_send_response_one(struct ioreq *ioreq)

 

File: 

qemu\hw\block\xen_disk.c

 

Code:

 

    default:

        dst = NULL;

    }

    memcpy(dst, &resp, sizeof(resp));

 

 

Just add simple check for dst and it will be all cool ;-)

 

Best regards,

Mateusz Krzywicki