On Thu, 12 Feb 2015 11:05:17 +0800 Jason Wang <jasow...@redhat.com> wrote:
> We don't validate the existence of handle_output which may let a buggy > guest to trigger a SIGSEGV easily. Fix this by validating its existence > before. > > Cc: qemu-sta...@nongnu.org > Cc: Anthony Liguori <aligu...@amazon.com> > Cc: Michael S. Tsirkin <m...@redhat.com> > Signed-off-by: Jason Wang <jasow...@redhat.com> > --- > hw/virtio/virtio.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c > index d735343..ffc22e8 100644 > --- a/hw/virtio/virtio.c > +++ b/hw/virtio/virtio.c > @@ -761,6 +761,10 @@ void virtio_queue_notify_vq(VirtQueue *vq) > { > if (vq->vring.desc) { > VirtIODevice *vdev = vq->vdev; > + > + if (!vq->handle_output) { > + return; > + } Maybe better to just change line 762 to: if (vq->vring.desc && vq->handle_output) { -d > trace_virtio_queue_notify(vdev, vq - vdev->vq, vq); > vq->handle_output(vdev, vq); > } > -- > 1.9.1 > >
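Review bot: the new `if (!vq->handle_output) { return; }` sits before `trace_virtio_queue_notify(vdev, vq - vdev->vq, vq);`, so a guest kick on a queue that has no handler is now dropped without leaving any trace, which makes the guest-triggerable path the commit message describes harder to diagnose after the fix; consider emitting the trace before the early return, or keeping the trace outside the guarded region, so the ignored notification is still visible. On the placement itself, folding the check into the outer condition as suggested in the reply, `if (vq->vring.desc && vq->handle_output) {`, gives the same protection against calling a NULL function pointer with less nesting and no extra return, but it has the same effect on the trace call, so the tracing point applies to either form.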