Commit 1bbd185f authored by Stefan Hajnoczi's avatar Stefan Hajnoczi Committed by Aurelien Jarno
Browse files

qemu-char: Check for missing backend name



Check if the backend option is missing before searching the backend
table.  This fixes a NULL pointer dereference when QEMU is invoked with
the following invalid command-line:

  $ qemu -chardev id=foo,path=/tmp/socket

Previously QEMU would segfault, now it produces this error message:

  chardev: "foo" missing backend
Signed-off-by: default avatarStefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: default avatarAurelien Jarno <aurelien@aurel32.net>
parent 9f953ca0
...@@ -2506,6 +2506,11 @@ CharDriverState *qemu_chr_open_opts(QemuOpts *opts, ...@@ -2506,6 +2506,11 @@ CharDriverState *qemu_chr_open_opts(QemuOpts *opts,
return NULL; return NULL;
} }
if (qemu_opt_get(opts, "backend") == NULL) {
fprintf(stderr, "chardev: \"%s\" missing backend\n",
qemu_opts_id(opts));
return NULL;
}
for (i = 0; i < ARRAY_SIZE(backend_table); i++) { for (i = 0; i < ARRAY_SIZE(backend_table); i++) {
if (strcmp(backend_table[i].name, qemu_opt_get(opts, "backend")) == 0) if (strcmp(backend_table[i].name, qemu_opt_get(opts, "backend")) == 0)
break; break;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment