[PATCH] util: Prevent a NULl pointer from being accessed

Yi Wang posted 1 patch 2 weeks ago
Test syntax-check failed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/1581516642-25440-1-git-send-email-wang.yi59@zte.com.cn
src/util/virqemu.c | 5 +++++
1 file changed, 5 insertions(+)

[PATCH] util: Prevent a NULl pointer from being accessed

Posted by Yi Wang 2 weeks ago
From: Huang Zijiang <huang.zijiang@zte.com.cn>

virJSONValueObjectGetObject maybe return NULL if the key is
missing or if value is not the correct TYPE, so we have to prevent
a NULl pointer from being accessed.

Signed-off-by: Huang Zijiang <huang.zijiang@zte.com.cn>
Signed-off-by: Yi Wang <wang.yi59@zte.com.cn>
---
 src/util/virqemu.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/util/virqemu.c b/src/util/virqemu.c
index f3a233a..29fbe4e 100644
--- a/src/util/virqemu.c
+++ b/src/util/virqemu.c
@@ -257,6 +257,11 @@ virQEMUBuildObjectCommandlineFromJSON(virBufferPtr buf,
     const char *type = virJSONValueObjectGetString(objprops, "qom-type");
     const char *alias = virJSONValueObjectGetString(objprops, "id");
     virJSONValuePtr props = virJSONValueObjectGetObject(objprops, "props");
+    if (!props) {
+        virReportError(VIR_ERR_INVALID_ARG, "%s",
+                       _("reply was missing return props data"));
+        return -1;
+    }
 
     return virQEMUBuildObjectCommandlineFromJSONInternal(buf, type, alias, props);
 }
-- 
1.9.1


Re: [PATCH] util: Prevent a NULl pointer from being accessed

Posted by Peter Krempa 2 weeks ago
On Wed, Feb 12, 2020 at 22:10:42 +0800, Yi Wang wrote:
> From: Huang Zijiang <huang.zijiang@zte.com.cn>
> 
> virJSONValueObjectGetObject maybe return NULL if the key is
> missing or if value is not the correct TYPE, so we have to prevent
> a NULl pointer from being accessed.
> 
> Signed-off-by: Huang Zijiang <huang.zijiang@zte.com.cn>
> Signed-off-by: Yi Wang <wang.yi59@zte.com.cn>
> ---
>  src/util/virqemu.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/src/util/virqemu.c b/src/util/virqemu.c
> index f3a233a..29fbe4e 100644
> --- a/src/util/virqemu.c
> +++ b/src/util/virqemu.c
> @@ -257,6 +257,11 @@ virQEMUBuildObjectCommandlineFromJSON(virBufferPtr buf,
>      const char *type = virJSONValueObjectGetString(objprops, "qom-type");
>      const char *alias = virJSONValueObjectGetString(objprops, "id");
>      virJSONValuePtr props = virJSONValueObjectGetObject(objprops, "props");
> +    if (!props) {
> +        virReportError(VIR_ERR_INVALID_ARG, "%s",
> +                       _("reply was missing return props data"));

This error message is misleading. There's no reply, but rather this is
an internally generated JSON struct

> +        return -1;
> +    }
>  
>      return virQEMUBuildObjectCommandlineFromJSONInternal(buf, type, alias, props);

This function checks 'props' internally.

What is this patch supposed to fix?