From patchwork Tue Sep 27 11:44:11 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Li Qiang <liq3ea@gmail.com>
X-Patchwork-Id: 675523
Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from lists.gnu.org (lists.gnu.org [208.118.235.17])
	(using TLSv1 with cipher AES256-SHA (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 3sjzb633SJz9ryn
	for <incoming@patchwork.ozlabs.org>;
	Tue, 27 Sep 2016 21:47:14 +1000 (AEST)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com header.b=x68VHtQK;
	dkim-atps=neutral
Received: from localhost ([::1]:50000 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71) (envelope-from
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>)
	id 1boqqu-0000lp-BE
	for incoming@patchwork.ozlabs.org; Tue, 27 Sep 2016 07:47:12 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:49222)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <liq3ea@gmail.com>) id 1boqpi-0008Qs-HX
	for qemu-devel@nongnu.org; Tue, 27 Sep 2016 07:45:59 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <liq3ea@gmail.com>) id 1boqpd-0005l7-K1
	for qemu-devel@nongnu.org; Tue, 27 Sep 2016 07:45:58 -0400
Received: from mail-wm0-f66.google.com ([74.125.82.66]:32772)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <liq3ea@gmail.com>) id 1boqpd-0005hs-EG
	for qemu-devel@nongnu.org; Tue, 27 Sep 2016 07:45:53 -0400
Received: by mail-wm0-f66.google.com with SMTP id w84so738172wmg.0
	for <qemu-devel@nongnu.org>; Tue, 27 Sep 2016 04:45:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=message-id:from:to:cc:subject:date;
	bh=ste3RZWS8bsHsks56s9XtCoE2DdzFTM1S+uFvew2hUc=;
	b=x68VHtQKsgITSG8N1SqN70I6rXYf2Jwk17KK1m9XDzsjsmCTLtAfxf31G9yJGcGl/G
	opKOLxFr9/RdL5R+LLxiKRC6ykdl6sdw0Bk06IozYs1tT/HOXaT7OS/ruzYEczXYD80e
	OgCPE5l1LAZKx1Ky9hb9HkEx/nyHmFJMHUHrOFaRgN57VlK3FUHmXivF3k6nVYgnbO3K
	tQlLxOk0iIBWIr6UPa7gb+DFZFUvRpVFlCYrqQvl79nwsPz32IcShEvcgiE+xnp4aTqm
	e8ME3nSgRIUPaGU58HWzZkFkrCi8Rmqc+6yEOTUwGgcAq3MUffF0+z90fDwhkHzWoJI+
	RF1A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:message-id:from:to:cc:subject:date;
	bh=ste3RZWS8bsHsks56s9XtCoE2DdzFTM1S+uFvew2hUc=;
	b=GwAYZsHd79xTnqmYHJ3RKrlobYpT7o88kPzQd9q5L9zzoI2GlSXCWNag0DL6rpYlc7
	cYBDPAIQCPZ9ojMBaAryUX73/geM/u205EabwxNaBNphi0fYZC+9czJtiMSGgcP67Pug
	h00KvD6DAVxqg6bKmvg+W8YVDfsgk+E7ln9XRLAaFcTL+H/pR80yYiJGmfcCgETjiQ04
	u09rmyOL7e3I3cGjS4Hb+foVQfQYLazSpOXgWjfu/ncOhuYxgnRq5CbELLKpV6jSuY+6
	J4p615C46Wy3kcNWKR0cBD1w4HDx38pm8F8evVs1ymA7E5ML/Hsu3o9vdLQkgtSW645u
	x/JA==
X-Gm-Message-State: 
 AE9vXwM5fPZFS4Z4soP0pub8e7rzc/LZUv7N56wrvqHCkeJCVL3CxZ1ubCYtkG97HjemGA==
X-Received: by 10.194.19.67 with SMTP id c3mr21735069wje.90.1474976671558;
	Tue, 27 Sep 2016 04:44:31 -0700 (PDT)
Received: from localhost.localdomain.localdomain ([104.192.110.250])
	by smtp.gmail.com with ESMTPSA id
	w129sm2726696wmd.9.2016.09.27.04.44.28
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Tue, 27 Sep 2016 04:44:31 -0700 (PDT)
Message-ID: <57ea5b9f.87941c0a.d0b87.d5b6@mx.google.com>
X-Google-Original-Message-ID: 
 <1474976651-5329-1-git-send-email-Qiang(liqiang6-s@360.cn)>
From: Li Qiang <liq3ea@gmail.com>
X-Google-Original-From: Li Qiang(liqiang6-s@360.cn)
To: aneesh.kumar@linux.vnet.ibm.com, groug@kaod.org, qemu-devel@nongnu.org
Date: Tue, 27 Sep 2016 04:44:11 -0700
X-Mailer: git-send-email 1.8.3.1
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
	[fuzzy]
X-Received-From: 74.125.82.66
Subject: [Qemu-devel] [PATCH] 9pfs: make unmarshal V9fsString more robust
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Li Qiang <liqiang6-s@360.cn>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>

From: Li Qiang <liqiang6-s@360.cn>

In 9pfs function v9fs_iov_vunmarshal, it will not allocate space
for empty string. This will cause several NULL pointer dereference
issues. this patch fix this issue.

Signed-off-by: Li Qiang <liqiang6-s@360.cn>
---
 fsdev/9p-iov-marshal.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fsdev/9p-iov-marshal.c b/fsdev/9p-iov-marshal.c
index 663cad5..1d16f8d 100644
--- a/fsdev/9p-iov-marshal.c
+++ b/fsdev/9p-iov-marshal.c
@@ -125,7 +125,7 @@ ssize_t v9fs_iov_vunmarshal(struct iovec *out_sg, int out_num, size_t offset,
                 str->data = g_malloc(str->size + 1);
                 copied = v9fs_unpack(str->data, out_sg, out_num, offset,
                                      str->size);
-                if (copied > 0) {
+                if (copied >= 0) {
                     str->data[str->size] = 0;
                 } else {
                     v9fs_string_free(str);