qemu-e2k/qapi
Markus Armbruster 74d8c9d99d qga: Fix crash on non-dictionary QMP argument
The value of key 'arguments' must be a JSON object.  qemu-ga neglects
to check, and crashes.  To reproduce, send

    { 'execute': 'guest-sync', 'arguments': [] }

to qemu-ga.

do_qmp_dispatch() uses qdict_get_qdict() to get the arguments.  When
not a JSON object, this gets a null pointer, which flows through the
generated marshalling function to qobject_input_visitor_new(), where
it fails the assertion.  qmp_dispatch_check_obj() needs to catch this
error.

QEMU isn't affected, because it runs qmp_check_input_obj() first,
which basically duplicates qmp_dispatch_check_obj()'s checks, plus the
missing one.

Fix by copying the missing one from qmp_check_input_obj() to
qmp_dispatch_check_obj().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Cc: Michael Roth <mdroth@linux.vnet.ibm.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1488544368-30622-2-git-send-email-armbru@redhat.com>
2017-03-05 09:02:10 +01:00
Makefile.objs qapi: rename *qmp-*-visitor* to *qobject-*-visitor* 2016-10-25 16:25:48 +02:00
block-core.json -----BEGIN PGP SIGNATURE----- 2017-03-02 23:20:37 +00:00
block.json qmp-events: move 'DEVICE_TRAY_MOVED' doc to schema 2017-01-16 09:19:48 +01:00
common.json qmp-commands: move 'query-commands' doc to schema 2017-01-16 09:19:47 +01:00
crypto.json qapi: add some sections in docs 2017-01-16 09:15:25 +01:00
event.json qmp-events: fix GUEST_PANICKED description formatting 2017-03-03 16:40:03 +01:00
introspect.json qapi: Reorder doc comments for future doc generator 2017-01-16 09:15:25 +01:00
opts-visitor.c util/cutils: Change qemu_strtosz*() from int64_t to uint64_t 2017-02-23 20:35:36 +01:00
qapi-clone-visitor.c qapi: rename *qmp-*-visitor* to *qobject-*-visitor* 2016-10-25 16:25:48 +02:00
qapi-dealloc-visitor.c qapi: Add new visit_free() function 2016-07-06 10:52:04 +02:00
qapi-util.c include/qemu/osdep.h: Don't include qapi/error.h 2016-03-22 22:20:15 +01:00
qapi-visit-core.c qapi: add missing trace_visit_type_enum() call 2017-01-31 17:11:28 +00:00
qmp-dispatch.c qga: Fix crash on non-dictionary QMP argument 2017-03-05 09:02:10 +01:00
qmp-event.c qmp-event: Avoid qobject_from_jsonf("%"PRId64) 2016-12-05 17:09:34 +01:00
qmp-registry.c qapi: Support unregistering QMP commands 2016-09-19 17:32:21 +02:00
qobject-input-visitor.c qapi: rename QmpInputVisitor to QObjectInputVisitor 2016-10-25 16:25:54 +02:00
qobject-output-visitor.c qapi: rename QmpOutputVisitor to QObjectOutputVisitor 2016-10-25 16:25:54 +02:00
rocker.json qmp-commands: move 'query-rocker-of-dpa-groups' doc to schema 2017-01-16 09:19:47 +01:00
string-input-visitor.c string-input-visitor: Favor new visit_free() function 2016-07-06 10:52:04 +02:00
string-output-visitor.c qapi: Add new visit_complete() function 2016-07-06 10:52:04 +02:00
trace-events trace: clean up trace-events files 2017-01-31 17:12:15 +00:00
trace.json qmp-commands: move 'trace-event-set-state' doc to schema 2017-01-16 09:19:47 +01:00