mirror of
https://github.com/yuzu-emu/unicorn.git
synced 2024-12-23 09:35:40 +00:00
qapi: Fix crash when 'any' or 'null' parameter is missing
Unlike the other visit methods, visit_type_any() and visit_type_null() neglect to check whether qmp_input_get_object() succeeded. They crash when it fails. Reproducer: { "execute": "qom-set", "arguments": { "path": "/machine", "property": "rtc-time" } } Will crash with: qapi/qapi-visit-core.c:277: visit_type_any: Assertion `!err != !*obj' failed Broken in commit 5c678ee. Fix by adding the missing error checks. Backports commit c489780203f9b22aca5539ec7589b7140bdc951f from qemu
This commit is contained in:
parent
fbf6fb1e25
commit
1a138915a5
|
@ -341,6 +341,12 @@ static void qmp_input_type_any(Visitor *v, const char *name, QObject **obj,
|
||||||
QmpInputVisitor *qiv = to_qiv(v);
|
QmpInputVisitor *qiv = to_qiv(v);
|
||||||
QObject *qobj = qmp_input_get_object(qiv, name, true);
|
QObject *qobj = qmp_input_get_object(qiv, name, true);
|
||||||
|
|
||||||
|
if (!qobj) {
|
||||||
|
error_setg(errp, QERR_MISSING_PARAMETER, name ? name : "null");
|
||||||
|
*obj = NULL;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
qobject_incref(qobj);
|
qobject_incref(qobj);
|
||||||
*obj = qobj;
|
*obj = qobj;
|
||||||
}
|
}
|
||||||
|
@ -350,6 +356,11 @@ static void qmp_input_type_null(Visitor *v, const char *name, Error **errp)
|
||||||
QmpInputVisitor *qiv = to_qiv(v);
|
QmpInputVisitor *qiv = to_qiv(v);
|
||||||
QObject *qobj = qmp_input_get_object(qiv, name, true);
|
QObject *qobj = qmp_input_get_object(qiv, name, true);
|
||||||
|
|
||||||
|
if (!qobj) {
|
||||||
|
error_setg(errp, QERR_MISSING_PARAMETER, name ? name : "null");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
if (qobject_type(qobj) != QTYPE_QNULL) {
|
if (qobject_type(qobj) != QTYPE_QNULL) {
|
||||||
error_setg(errp, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
|
error_setg(errp, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
|
||||||
"null");
|
"null");
|
||||||
|
|
Loading…
Reference in a new issue