From: Alex Jia <ajia@xxxxxxxxxx>
* src/qemu/qemu_process.c (qemuFindAgentConfig): avoid crash libvirtd due to
deref a NULL pointer.
* How to reproduce?
1. virsh edit the following xml into guest configuration:
<channel type='pty'>
<target type='virtio'/>
<address type='virtio-serial' controller='0' bus='0' port='1'/>
</channel>
2. virsh start <domain>
or
% virt-install -n foo -r 1024 --disk path=/var/lib/libvirt/images/foo.img,size=1 \
--channel pty,target_type=virtio -l <installation tree>
Signed-off-by: Alex Jia <ajia@xxxxxxxxxx>
---
src/qemu/qemu_process.c | 5 ++++-
1 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 2d92d66..6dc1732 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -189,11 +189,14 @@ qemuFindAgentConfig(virDomainDefPtr def)
for (i = 0 ; i < def->nchannels ; i++) {
virDomainChrDefPtr channel = def->channels[i];
+ if(!channel)
+ break;
if (channel->targetType != VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_VIRTIO)
continue;
- if (STREQ(channel->target.name, "org.qemu.guest_agent.0")) {
+ if (channel->target.name &&
+ STREQ(channel->target.name, "org.qemu.guest_agent.0")) {
config = &channel->source;
break;
}
--
1.7.1
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list