On 14/09/2016 08:22, Lin Ma wrote:
> Function qemu_chr_alloc returns NULL if it failed to open logfile by any
> reason,
> says no write permission. For backends tty, stdio and msmouse, They need to
> check this return value to avoid segfault in this case.
>
> Signed-off-by: Lin Ma <l...@suse.com>
> ---
> backends/msmouse.c | 3 +++
> qemu-char.c | 6 ++++++
> 2 files changed, 9 insertions(+)
>
> diff --git a/backends/msmouse.c b/backends/msmouse.c
> index aeb9055..aceb6dc 100644
> --- a/backends/msmouse.c
> +++ b/backends/msmouse.c
> @@ -159,6 +159,9 @@ static CharDriverState *qemu_chr_open_msmouse(const char
> *id,
> CharDriverState *chr;
>
> chr = qemu_chr_alloc(common, errp);
> + if (!chr) {
> + return NULL;
> + }
> chr->chr_write = msmouse_chr_write;
> chr->chr_close = msmouse_chr_close;
> chr->chr_accept_input = msmouse_chr_accept_input;
> diff --git a/qemu-char.c b/qemu-char.c
> index 5f82ebb..fdb23f5 100644
> --- a/qemu-char.c
> +++ b/qemu-char.c
> @@ -1223,6 +1223,9 @@ static CharDriverState *qemu_chr_open_stdio(const char
> *id,
> sigaction(SIGCONT, &act, NULL);
>
> chr = qemu_chr_open_fd(0, 1, common, errp);
> + if (!chr) {
> + return NULL;
> + }
> chr->chr_close = qemu_chr_close_stdio;
> chr->chr_set_echo = qemu_chr_set_echo_stdio;
> if (opts->has_signal) {
> @@ -1679,6 +1682,9 @@ static CharDriverState *qemu_chr_open_tty_fd(int fd,
>
> tty_serial_init(fd, 115200, 'N', 8, 1);
> chr = qemu_chr_open_fd(fd, fd, backend, errp);
> + if (!chr) {
> + return NULL;
> + }
> chr->chr_ioctl = tty_serial_ioctl;
> chr->chr_close = qemu_chr_close_tty;
> return chr;
>
Cc: qemu-stable <qemu-sta...@nongnu.org>
Queued for 2.8, thanks.
