[4/9] QMP: Check "arguments" member's type

Submitter	Luiz Capitulino
Date	April 26, 2010, 3:47 p.m.
Message ID	<1272296853-30285-5-git-send-email-lcapitulino@redhat.com>
Download	mbox \| patch
Permalink	/patch/50971/
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> From: Luiz Capitulino <lcapitulino@redhat.com> To: aliguori@us.ibm.com Date: Mon, 26 Apr 2010 12:47:28 -0300 Message-Id: <1272296853-30285-5-git-send-email-lcapitulino@redhat.com> In-Reply-To: <1272296853-30285-1-git-send-email-lcapitulino@redhat.com> References: <1272296853-30285-1-git-send-email-lcapitulino@redhat.com> Cc: qemu-devel@nongnu.org Subject: [Qemu-devel] [PATCH 4/9] QMP: Check "arguments" member's type Precedence: list Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

Comments

Luiz Capitulino - April 26, 2010, 3:47 p.m.

Otherwise the following input crashes QEMU:

{ "execute": "migrate", "arguments": "tcp:0:4446" }

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
---
 monitor.c |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

Patch

diff --git a/monitor.c b/monitor.c
index 0611b29..ef84298 100644
--- a/monitor.c
+++ b/monitor.c
@@ -4437,6 +4437,9 @@  static void handle_qmp_command(JSONMessageParser *parser, QList *tokens)
     obj = qdict_get(input, "arguments");
     if (!obj) {
         args = qdict_new();
+    } else if (qobject_type(obj) != QTYPE_QDICT) {
+        qerror_report(QERR_QMP_BAD_INPUT_OBJECT_MEMBER, "arguments", "object");
+        goto err_input;
     } else {
         args = qobject_to_qdict(obj);
         QINCREF(args);

Patchwork [4/9] QMP: Check "arguments" member's type

Comments

Patch