[libvirt] [PATCH 1/3] qemuMonitorJSONQueryRxFilter: Validate qemu reply prior parsing it
Peter Krempa
pkrempa at redhat.com
Tue May 3 11:09:10 UTC 2016
On Tue, May 03, 2016 at 11:53:19 +0200, Michal Privoznik wrote:
> Usually, the flow in this area of the code is as follows:
>
> qemuMonitorJSONMakeCommand()
> qemuMonitorJSONCommand()
> qemuMonitorJSONCheckError()
> parseReply()
>
> But in this function, for some reasons, the last two steps were
> swapped. This makes no sense.
>
> Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
> ---
> src/qemu/qemu_monitor_json.c | 9 +++------
> 1 file changed, 3 insertions(+), 6 deletions(-)
>
> diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
> index a48a263..81970b9 100644
> --- a/src/qemu/qemu_monitor_json.c
> +++ b/src/qemu/qemu_monitor_json.c
> @@ -3220,9 +3220,6 @@ qemuMonitorJSONQueryRxFilterParse(virJSONValuePtr msg,
> size_t i;
> virNetDevRxFilterPtr fil = virNetDevRxFilterNew();
>
> - if (!fil)
> - goto cleanup;
> -
The code dereferences 'fil' a few lines below. Without this check it
might crash.
> if (!(returnArray = virJSONValueObjectGetArray(msg, "return"))) {
> virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
> _("query-rx-filter reply was missing return data"));
> @@ -3401,14 +3398,14 @@ qemuMonitorJSONQueryRxFilter(qemuMonitorPtr mon, const char *alias,
> if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0)
> goto cleanup;
>
> + if (qemuMonitorJSONCheckError(cmd, reply) < 0)
> + goto cleanup;
> +
> if (qemuMonitorJSONQueryRxFilterParse(reply, filter) < 0)
> goto cleanup;
>
> ret = 0;
> cleanup:
> - if (ret == 0)
> - ret = qemuMonitorJSONCheckError(cmd, reply);
> -
> if (ret < 0) {
> virNetDevRxFilterFree(*filter);
> *filter = NULL;
ACK to the last two hunks, the first one needs to be removed.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20160503/09f1a0e3/attachment-0001.sig>
More information about the libvir-list
mailing list