qemu-block

Re: [PATCH] nbd: Prevent NULL pointer dereference in nbd_blockdev_client


From: Alexander Ivanov
Subject: Re: [PATCH] nbd: Prevent NULL pointer dereference in nbd_blockdev_client_closed()
Date: Sat, 8 Jun 2024 11:36:59 +0200
User-agent: Mozilla Thunderbird

There is a bug reproducer in the attachment.


On 6/7/24 17:00, Alexander Ivanov wrote:
In some cases, the NBD server can be stopped before
nbd_blockdev_client_closed() is called, causing the nbd_server variable
to be nullified. This leads to a NULL pointer dereference when accessing
nbd_server.

Add a NULL check for nbd_server to the nbd_blockdev_client_closed()
function to prevent NULL pointer dereference.

Signed-off-by: Alexander Ivanov <alexander.ivanov@virtuozzo.com>
---
  blockdev-nbd.c | 3 +++
  1 file changed, 3 insertions(+)

diff --git a/blockdev-nbd.c b/blockdev-nbd.c
index 213012435f..fb1f30ae0d 100644
--- a/blockdev-nbd.c
+++ b/blockdev-nbd.c
@@ -52,6 +52,9 @@ int nbd_server_max_connections(void)
  static void nbd_blockdev_client_closed(NBDClient *client, bool ignored)
  {
      nbd_client_put(client);
+    if (nbd_server == NULL) {
+        return;
+    }
      assert(nbd_server->connections > 0);
      nbd_server->connections--;
      nbd_update_server_watch(nbd_server);
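
Review bot: The early return at `if (nbd_server == NULL) {` in nbd_blockdev_client_closed() needs a comment saying why nbd_server can legitimately be NULL here (the server was stopped before this close callback ran, as the commit message describes), otherwise the check reads as papering over a lifetime bug. The check also only covers the window in which the global is NULL: if a new server can be started between the stop and this callback, nbd_server would be non-NULL but belong to a different server, and `assert(nbd_server->connections > 0)` and the decrement would then act on the wrong counter. It is worth confirming that this cannot happen, or else tying the client to the server it was accepted on, or having server stop wait for or close its outstanding clients before nbd_server is cleared. Since the reproducer is only an attachment, a short description of the triggering sequence in the commit message would help.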

--
Best regards,
Alexander Ivanov

Attachment: reproducer.tar.gz
Description: application/gzip

