In one of my previous commits I've made an attempt to restore the noqueue qdisc on a TAP corresponding to domain's <interface/> if QoS is cleared out. The commit consisted of two almost identical hunks. In both the pointer is dereferenced. But in one of them, the pointer to new bandwidth can't be NULL while in the other it can leading to a crash. Fixes: d53b09235398c1320ed2f1b45b640823171467ed Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1919619 Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx> --- src/qemu/qemu_hotplug.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index e7863328db..a66354426d 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c @@ -3900,10 +3900,10 @@ qemuDomainChangeNet(virQEMUDriverPtr driver, /* If the old bandwidth was cleared out, restore qdisc. */ if (virDomainNetTypeSharesHostView(newdev)) { - if (!newb->out || newb->out->average == 0) + if (!newb || !newb->out || newb->out->average == 0) qemuDomainInterfaceSetDefaultQDisc(driver, newdev); } else { - if (!newb->in || newb->in->average == 0) + if (!newb || !newb->in || newb->in->average == 0) qemuDomainInterfaceSetDefaultQDisc(driver, newdev); } needReplaceDevDef = true; -- 2.26.2
