[PATCH] qemu_hotplug: Don't dereference NULL pointer @newb in qemuDomainChangeNet()

Mon Feb 15 17:59:37 UTC 2021

In one of my previous commits I've made an attempt to restore the
noqueue qdisc on a TAP corresponding to domain's <interface/> if
QoS is cleared out. The commit consisted of two almost identical
hunks. In both the pointer is dereferenced. But in one of them,
the pointer to new bandwidth can't be NULL while in the other it
can leading to a crash.

Fixes: d53b09235398c1320ed2f1b45b640823171467ed
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1919619
Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
---
 src/qemu/qemu_hotplug.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index e7863328db..a66354426d 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -3900,10 +3900,10 @@ qemuDomainChangeNet(virQEMUDriverPtr driver,
 
         /* If the old bandwidth was cleared out, restore qdisc. */
         if (virDomainNetTypeSharesHostView(newdev)) {
-            if (!newb->out || newb->out->average == 0)
+            if (!newb || !newb->out || newb->out->average == 0)
                 qemuDomainInterfaceSetDefaultQDisc(driver, newdev);
         } else {
-            if (!newb->in || newb->in->average == 0)
+            if (!newb || !newb->in || newb->in->average == 0)
                 qemuDomainInterfaceSetDefaultQDisc(driver, newdev);
         }
         needReplaceDevDef = true;
-- 
2.26.2


