g_hash_table_destroy() and g_hash_table_foreach_remove() (called by
curl_drop_all_sockets()) both require the table to be non-NULL, or will
print assertion failures (just print, no abort).
There are several paths in curl_open() that can lead to the out_noclean
label without s->sockets being allocated, so clean it only if it has
been allocated.
Example reproducer:
$ qemu-img info -f http ''
qemu-img: GLib: g_hash_table_foreach_remove: assertion 'hash_table != NULL' failed
qemu-img: GLib: g_hash_table_destroy: assertion 'hash_table != NULL' failed
qemu-img: Could not open '': http curl driver cannot handle the URL '' (does not start with 'http://')
Closes: https://gitlab.com/qemu-project/qemu/-/issues/1475
Suggested-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Hanna Czenczek <hreitz@redhat.com>
---
block/curl.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/block/curl.c b/block/curl.c
index cbada22e9e..ba9977af5a 100644
--- a/block/curl.c
+++ b/block/curl.c
@@ -850,8 +850,10 @@ out_noclean:
g_free(s->username);
g_free(s->proxyusername);
g_free(s->proxypassword);
- curl_drop_all_sockets(s->sockets);
- g_hash_table_destroy(s->sockets);
+ if (s->sockets) {
+ curl_drop_all_sockets(s->sockets);
+ g_hash_table_destroy(s->sockets);
+ }
qemu_opts_del(opts);
return -EINVAL;
}
--
2.39.1
Am 06.02.2023 um 14:29 hat Hanna Czenczek geschrieben: > g_hash_table_destroy() and g_hash_table_foreach_remove() (called by > curl_drop_all_sockets()) both require the table to be non-NULL, or will > print assertion failures (just print, no abort). > > There are several paths in curl_open() that can lead to the out_noclean > label without s->sockets being allocated, so clean it only if it has > been allocated. > > Example reproducer: > $ qemu-img info -f http '' > qemu-img: GLib: g_hash_table_foreach_remove: assertion 'hash_table != NULL' failed > qemu-img: GLib: g_hash_table_destroy: assertion 'hash_table != NULL' failed > qemu-img: Could not open '': http curl driver cannot handle the URL '' (does not start with 'http://') > > Closes: https://gitlab.com/qemu-project/qemu/-/issues/1475 > Suggested-by: Daniel P. Berrangé <berrange@redhat.com> > Signed-off-by: Hanna Czenczek <hreitz@redhat.com> Thanks, applied to the block branch. Kevin
On 6/2/23 14:29, Hanna Czenczek wrote: > g_hash_table_destroy() and g_hash_table_foreach_remove() (called by > curl_drop_all_sockets()) both require the table to be non-NULL, or will > print assertion failures (just print, no abort). > > There are several paths in curl_open() that can lead to the out_noclean > label without s->sockets being allocated, so clean it only if it has > been allocated. > > Example reproducer: > $ qemu-img info -f http '' > qemu-img: GLib: g_hash_table_foreach_remove: assertion 'hash_table != NULL' failed > qemu-img: GLib: g_hash_table_destroy: assertion 'hash_table != NULL' failed > qemu-img: Could not open '': http curl driver cannot handle the URL '' (does not start with 'http://') > > Closes: https://gitlab.com/qemu-project/qemu/-/issues/1475 > Suggested-by: Daniel P. Berrangé <berrange@redhat.com> > Signed-off-by: Hanna Czenczek <hreitz@redhat.com> > --- > block/curl.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
On Mon, Feb 06, 2023 at 02:29:49PM +0100, Hanna Czenczek wrote: > g_hash_table_destroy() and g_hash_table_foreach_remove() (called by > curl_drop_all_sockets()) both require the table to be non-NULL, or will > print assertion failures (just print, no abort). > > There are several paths in curl_open() that can lead to the out_noclean > label without s->sockets being allocated, so clean it only if it has > been allocated. > > Example reproducer: > $ qemu-img info -f http '' > qemu-img: GLib: g_hash_table_foreach_remove: assertion 'hash_table != NULL' failed > qemu-img: GLib: g_hash_table_destroy: assertion 'hash_table != NULL' failed > qemu-img: Could not open '': http curl driver cannot handle the URL '' (does not start with 'http://') > > Closes: https://gitlab.com/qemu-project/qemu/-/issues/1475 > Suggested-by: Daniel P. Berrangé <berrange@redhat.com> > Signed-off-by: Hanna Czenczek <hreitz@redhat.com> > --- > block/curl.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
© 2016 - 2024 Red Hat, Inc.