Message ID | 20220104134102.1080890-1-rohit.kumar3@nutanix.com |
---|---|
State | New |
Series | [v1] Check and report for incomplete 'global' option format |
Cc'ing Markus / Thomas On 4/1/22 14:41, Rohit Kumar wrote: > Qemu might crash when provided incomplete '-global' option. > For example: > qemu-system-x86_64 -global driver=isa-fdc > qemu-system-x86_64: ../../devel/qemu/qapi/string-input-visitor.c:394: > string_input_visitor_new: Assertion `str' failed. > Aborted (core dumped) > > Resolves: https://gitlab.com/qemu-project/qemu/-/issues/604 > Signed-off-by: Rohit Kumar <rohit.kumar3@nutanix.com> > --- > softmmu/qdev-monitor.c | 9 ++++++++- > 1 file changed, 8 insertions(+), 1 deletion(-) > > diff --git a/softmmu/qdev-monitor.c b/softmmu/qdev-monitor.c > index 01f3834db5..7aee7b9882 100644 > --- a/softmmu/qdev-monitor.c > +++ b/softmmu/qdev-monitor.c > @@ -1020,6 +1020,7 @@ int qemu_global_option(const char *str) > char driver[64], property[64]; > QemuOpts *opts; > int rc, offset; > + Error *err = NULL; > > rc = sscanf(str, "%63[^.=].%63[^=]%n", driver, property, &offset); > if (rc == 2 && str[offset] == '=') { > @@ -1031,7 +1032,13 @@ int qemu_global_option(const char *str) > } > > opts = qemu_opts_parse_noisily(&qemu_global_opts, str, false); > - if (!opts) { > + if (!opts || !qemu_opt_get(opts, "driver") || !qemu_opt_get(opts, "property") || > + !qemu_opt_get(opts, "value")) { > + error_setg(&err, "Invalid 'global' option format\n" > + "Expected: -global <driver>.<property>=<value> or " > + "-global driver=driver,property=property,value=value\n" > + "Received: -global %s", str); > + error_report_err(err); > return -1; > } >
Ping. Please take a look at this patch. Link: https://lists.nongnu.org/archive/html/qemu-devel/2022-01/msg00296.html On 04/01/22 7:22 pm, Philippe Mathieu-Daudé wrote: > Cc'ing Markus / Thomas > > On 4/1/22 14:41, Rohit Kumar wrote: >> Qemu might crash when provided incomplete '-global' option. >> For example: >> qemu-system-x86_64 -global driver=isa-fdc >> qemu-system-x86_64: >> ../../devel/qemu/qapi/string-input-visitor.c:394: >> string_input_visitor_new: Assertion `str' failed. >> Aborted (core dumped) >> >> Resolves: >> https://urldefense.proofpoint.com/v2/url?u=https-3A__gitlab.com_qemu-2Dproject_qemu_-2D_issues_604&d=DwICaQ&c=s883GpUCOChKOHiocYtGcg&r=ABSkr7gy7ZTfApFfI-Xxt1gZNtsDDiXoXOXc0OrkyFs&m=D981HXzQDqFNmq9tQqGqTedyzdOsi9F2fju4ltYq8HjOwS9Le2sJAgk09AWgxQg-&s=AGQxOHDyd9OPvXiP4hHLIb4FptkdlQFHDf2Xtadueo0&e= >> Signed-off-by: Rohit Kumar <rohit.kumar3@nutanix.com> >> --- >> softmmu/qdev-monitor.c | 9 ++++++++- >> 1 file changed, 8 insertions(+), 1 deletion(-) >> >> diff --git a/softmmu/qdev-monitor.c b/softmmu/qdev-monitor.c >> index 01f3834db5..7aee7b9882 100644 >> --- a/softmmu/qdev-monitor.c >> +++ b/softmmu/qdev-monitor.c >> @@ -1020,6 +1020,7 @@ int qemu_global_option(const char *str) >> char driver[64], property[64]; >> QemuOpts *opts; >> int rc, offset; >> + Error *err = NULL; >> rc = sscanf(str, "%63[^.=].%63[^=]%n", driver, property, >> &offset); >> if (rc == 2 && str[offset] == '=') { >> @@ -1031,7 +1032,13 @@ int qemu_global_option(const char *str) >> } >> opts = qemu_opts_parse_noisily(&qemu_global_opts, str, false); >> - if (!opts) { >> + if (!opts || !qemu_opt_get(opts, "driver") || >> !qemu_opt_get(opts, "property") || >> + !qemu_opt_get(opts, "value")) { >> + error_setg(&err, "Invalid 'global' option format\n" >> + "Expected: -global <driver>.<property>=<value> or " >> + "-global >> driver=driver,property=property,value=value\n" >> + "Received: -global %s", str); >> + error_report_err(err); >> return -1; >> } >
Ping. Hi, please review this patch. Link: https://lists.nongnu.org/archive/html/qemu-devel/2022-01/msg00296.html Thanks ! On 04/01/22 7:11 pm, Rohit Kumar wrote: > Qemu might crash when provided incomplete '-global' option. > For example: > qemu-system-x86_64 -global driver=isa-fdc > qemu-system-x86_64: ../../devel/qemu/qapi/string-input-visitor.c:394: > string_input_visitor_new: Assertion `str' failed. > Aborted (core dumped) > > Resolves: https://gitlab.com/qemu-project/qemu/-/issues/604 > Signed-off-by: Rohit Kumar <rohit.kumar3@nutanix.com> > --- > softmmu/qdev-monitor.c | 9 ++++++++- > 1 file changed, 8 insertions(+), 1 deletion(-) > > diff --git a/softmmu/qdev-monitor.c b/softmmu/qdev-monitor.c > index 01f3834db5..7aee7b9882 100644 > --- a/softmmu/qdev-monitor.c > +++ b/softmmu/qdev-monitor.c > @@ -1020,6 +1020,7 @@ int qemu_global_option(const char *str) > char driver[64], property[64]; > QemuOpts *opts; > int rc, offset; > + Error *err = NULL; > > rc = sscanf(str, "%63[^.=].%63[^=]%n", driver, property, &offset); > if (rc == 2 && str[offset] == '=') { > @@ -1031,7 +1032,13 @@ int qemu_global_option(const char *str) > } > > opts = qemu_opts_parse_noisily(&qemu_global_opts, str, false); > - if (!opts) { > + if (!opts || !qemu_opt_get(opts, "driver") || !qemu_opt_get(opts, "property") || > + !qemu_opt_get(opts, "value")) { > + error_setg(&err, "Invalid 'global' option format\n" > + "Expected: -global <driver>.<property>=<value> or " > + "-global driver=driver,property=property,value=value\n" > + "Received: -global %s", str); > + error_report_err(err); > return -1; > } >
diff --git a/softmmu/qdev-monitor.c b/softmmu/qdev-monitor.c index 01f3834db5..7aee7b9882 100644 --- a/softmmu/qdev-monitor.c +++ b/softmmu/qdev-monitor.c @@ -1020,6 +1020,7 @@ int qemu_global_option(const char *str) char driver[64], property[64]; QemuOpts *opts; int rc, offset; + Error *err = NULL; rc = sscanf(str, "%63[^.=].%63[^=]%n", driver, property, &offset); if (rc == 2 && str[offset] == '=') { @@ -1031,7 +1032,13 @@ int qemu_global_option(const char *str) } opts = qemu_opts_parse_noisily(&qemu_global_opts, str, false); - if (!opts) { + if (!opts || !qemu_opt_get(opts, "driver") || !qemu_opt_get(opts, "property") || + !qemu_opt_get(opts, "value")) { + error_setg(&err, "Invalid 'global' option format\n" + "Expected: -global <driver>.<property>=<value> or " + "-global driver=driver,property=property,value=value\n" + "Received: -global %s", str); + error_report_err(err); return -1; }
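Review bot: the `Error *err = NULL;` local added in the first hunk (@@ -1020,6 +1020,7 @@) is never propagated to a caller; the second hunk fills it with error_setg() and passes it straight to error_report_err(). Reporting directly with error_report() at the failure site would remove the need for the variable and the intermediate Error object.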
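Review bot: in the second hunk (@@ -1031,7 +1032,13 @@) the widened condition merges two different failures. When `!opts` is true, qemu_opts_parse_noisily() has already printed its own diagnostic, so the new "Invalid 'global' option format" message is reported on top of it. When `opts` is non-NULL but "driver", "property" or "value" is missing, the function returns -1 while the incomplete entry stays in qemu_global_opts. Consider keeping `if (!opts) { return -1; }` as it was and adding a separate check for the three keys that reports the format error and releases `opts` (for example with qemu_opts_del()) before returning. Two smaller points on the same lines: the message passed to error_setg() embeds "\n", which QEMU's error API documentation asks callers to avoid, and the key=value form in the "Expected:" text is written as `driver=driver,property=property,value=value` while the short form uses `<driver>`-style placeholders; using the same placeholder style for both would read more clearly.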
Qemu might crash when provided incomplete '-global' option.
For example:

qemu-system-x86_64 -global driver=isa-fdc

qemu-system-x86_64: ../../devel/qemu/qapi/string-input-visitor.c:394: string_input_visitor_new: Assertion `str' failed.

Aborted (core dumped)

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/604

Signed-off-by: Rohit Kumar <rohit.kumar3@nutanix.com>

---

softmmu/qdev-monitor.c | 9 ++++++++-

1 file changed, 8 insertions(+), 1 deletion(-)