[PULL 23/32] qga: Fix qmp_guest_get_memory_blocks() error handling

Markus Armbruster posted 32 patches 5 years, 9 months ago
Maintainers: Palmer Dabbelt <palmer@dabbelt.com>, Peter Maydell <peter.maydell@linaro.org>, Hailiang Zhang <zhang.zhanghailiang@huawei.com>, BALATON Zoltan <balaton@eik.bme.hu>, Michael Roth <mdroth@linux.vnet.ibm.com>, Gerd Hoffmann <kraxel@redhat.com>, "Gonglei (Arei)" <arei.gonglei@huawei.com>, Stefan Hajnoczi <stefanha@redhat.com>, Markus Armbruster <armbru@redhat.com>, Juan Quintela <quintela@redhat.com>, David Gibson <david@gibson.dropbear.id.au>, Wen Congyang <wencongyang2@huawei.com>, "Michael S. Tsirkin" <mst@redhat.com>, "Daniel P. Berrangé" <berrange@redhat.com>, Fam Zheng <fam@euphon.net>, Max Reitz <mreitz@redhat.com>, Bastian Koppelmann <kbastian@mail.uni-paderborn.de>, Stefano Stabellini <sstabellini@kernel.org>, Kevin Wolf <kwolf@redhat.com>, Aleksandar Rikalo <aleksandar.rikalo@rt-rk.com>, Richard Henderson <rth@twiddle.net>, Aurelien Jarno <aurelien@aurel32.net>, Aleksandar Markovic <aleksandar.qemu.devel@gmail.com>, "Marc-André Lureau" <marcandre.lureau@redhat.com>, John Snow <jsnow@redhat.com>, Bandan Das <bsd@redhat.com>, "Edgar E. Iglesias" <edgar.iglesias@gmail.com>, Xie Changlong <xiechanglong.d@gmail.com>, "Philippe Mathieu-Daudé" <philmd@redhat.com>, Anthony Perard <anthony.perard@citrix.com>, "Dr. David Alan Gilbert" <dgilbert@redhat.com>, Alistair Francis <Alistair.Francis@wdc.com>, Jeff Cody <codyprime@gmail.com>, Sagar Karandikar <sagark@eecs.berkeley.edu>, Eduardo Habkost <ehabkost@redhat.com>, Paolo Bonzini <pbonzini@redhat.com>, Alexander Bulekov <alxndr@bu.edu>, Thomas Huth <thuth@redhat.com>, Paul Durrant <paul@xen.org>, Laurent Vivier <lvivier@redhat.com>, Corey Minyard <cminyard@mvista.com>, Jason Wang <jasowang@redhat.com>
Posted by Markus Armbruster 5 years, 9 months ago
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL.  Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.

qmp_guest_get_memory_blocks() passes &local_err to
transfer_memory_block() in a loop.  If this fails in more than one
iteration, it can trip error_setv()'s assertion.

Fix it to break the loop.

Cc: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200422130719.28225-14-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
---
 qga/commands-posix.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/qga/commands-posix.c b/qga/commands-posix.c
index a52af0315f..ae1348dc8f 100644
--- a/qga/commands-posix.c
+++ b/qga/commands-posix.c
@@ -2518,6 +2518,9 @@ GuestMemoryBlockList *qmp_guest_get_memory_blocks(Error **errp)
         mem_blk->phys_index = strtoul(&de->d_name[6], NULL, 10);
         mem_blk->has_can_offline = true; /* lolspeak ftw */
         transfer_memory_block(mem_blk, true, NULL, &local_err);
+        if (local_err) {
+            break;
+        }
 
         entry = g_malloc0(sizeof *entry);
         entry->value = mem_blk;
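Review bot: The new `break` in the `if (local_err)` branch exits before `entry->value = mem_blk;` links the current block into the list, so the mem_blk populated in the lines just above is owned by nothing when the loop ends. Unless the code after the loop (not visible in this hunk) releases it, that block leaks on this error path; consider freeing mem_blk inside the branch before the break. A one-line comment there would also help, stating that the loop has to stop because &local_err must not be passed to another transfer_memory_block() call once it is set.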
-- 
2.21.1