[PATCH 1/2] migration/rdma: fix potential nullptr access in rdma_start_incoming_migration

Pan Nengyuan posted 2 patches 5 years, 9 months ago
Maintainers: Juan Quintela <quintela@redhat.com>, "Dr. David Alan Gilbert" <dgilbert@redhat.com>
[PATCH 1/2] migration/rdma: fix potential nullptr access in rdma_start_incoming_migration
Posted by Pan Nengyuan 5 years, 9 months ago
'rdma' is NULL when taking the first error branch in rdma_start_incoming_migration.
And it will cause a null pointer access in label 'err'. Fix that.

Fixes: 59c59c67ee6b0327ae932deb303caa47919aeb1e
Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
---
 migration/rdma.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/migration/rdma.c b/migration/rdma.c
index 967fda5b0c..72e8b1c95b 100644
--- a/migration/rdma.c
+++ b/migration/rdma.c
@@ -4056,7 +4056,9 @@ void rdma_start_incoming_migration(const char *host_port, Error **errp)
     return;
 err:
     error_propagate(errp, local_err);
-    g_free(rdma->host);
+    if (rdma) {
+        g_free(rdma->host);
+    }
     g_free(rdma);
     g_free(rdma_return_path);
 }
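Review bot: at the `err:` label, the new `if (rdma)` guard covers only the `rdma->host` dereference, but the same first error branch also reaches `g_free(rdma_return_path);` two lines later. That call is safe only if `rdma_return_path` is initialised to NULL at its declaration, which is outside the context shown here, so please confirm that in the function prologue. `g_free()` itself accepts NULL, so leaving `g_free(rdma);` unguarded is fine. A short comment on the guard saying that `rdma` is still NULL when the first error branch jumps here would stop a later cleanup from removing the check as redundant.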
-- 
2.18.2


Re: [PATCH 1/2] migration/rdma: fix potential nullptr access in rdma_start_incoming_migration
Posted by Juan Quintela 5 years, 9 months ago
Pan Nengyuan <pannengyuan@huawei.com> wrote:
> 'rdma' is NULL when taking the first error branch in rdma_start_incoming_migration.
> And it will cause a null pointer access in label 'err'. Fix that.
>
> Fixes: 59c59c67ee6b0327ae932deb303caa47919aeb1e
> Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>

Reviewed-by: Juan Quintela <quintela@redhat.com>

good catch.


Re: [PATCH 1/2] migration/rdma: fix potential nullptr access in rdma_start_incoming_migration
Posted by Peter Maydell 5 years, 9 months ago
On Fri, 8 May 2020 at 08:53, Juan Quintela <quintela@redhat.com> wrote:
>
> Pan Nengyuan <pannengyuan@huawei.com> wrote:
> > 'rdma' is NULL when taking the first error branch in rdma_start_incoming_migration.
> > And it will cause a null pointer access in label 'err'. Fix that.
> >
> > Fixes: 59c59c67ee6b0327ae932deb303caa47919aeb1e
> > Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
>
> Reviewed-by: Juan Quintela <quintela@redhat.com>

NB: this is CID 1428762.

thanks
-- PMM

Re: [PATCH 1/2] migration/rdma: fix potential nullptr access in rdma_start_incoming_migration
Posted by Dr. David Alan Gilbert 5 years, 8 months ago
* Juan Quintela (quintela@redhat.com) wrote:
> Pan Nengyuan <pannengyuan@huawei.com> wrote:
> > 'rdma' is NULL when taking the first error branch in rdma_start_incoming_migration.
> > And it will cause a null pointer access in label 'err'. Fix that.
> >
> > Fixes: 59c59c67ee6b0327ae932deb303caa47919aeb1e
> > Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
> 
> Reviewed-by: Juan Quintela <quintela@redhat.com>
> 
> good catch.

Thanks, Queued

> 
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK