From c6aed9833419eed9de19919ff31aa021a6171521 Mon Sep 17 00:00:00 2001 From: Stefan Hajnoczi Date: Wed, 19 Mar 2014 08:58:54 +0100 Subject: [PATCH] qom: Don't make link NULL on object_property_set_link() failure MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The error behavior of object_property_set_link() is dangerous. It sets the link property object to NULL if an error occurs. A setter function should either succeed or fail, it shouldn't leave the value NULL on failure. Signed-off-by: Stefan Hajnoczi Reviewed-by: Paolo Bonzini Signed-off-by: Andreas Färber --- qom/object.c | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/qom/object.c b/qom/object.c index 2877a00b81..cc946d9dac 100644 --- a/qom/object.c +++ b/qom/object.c @@ -1080,27 +1080,28 @@ static Object *object_resolve_link(Object *obj, const char *name, static void object_set_link_property(Object *obj, Visitor *v, void *opaque, const char *name, Error **errp) { + Error *local_err = NULL; Object **child = opaque; - Object *old_target; - char *path; + Object *old_target = *child; + Object *new_target = NULL; + char *path = NULL; - visit_type_str(v, &path, name, errp); + visit_type_str(v, &path, name, &local_err); - old_target = *child; - *child = NULL; - - if (strcmp(path, "") != 0) { - Object *target; - - target = object_resolve_link(obj, name, path, errp); - if (target) { - object_ref(target); - *child = target; - } + if (!local_err && strcmp(path, "") != 0) { + new_target = object_resolve_link(obj, name, path, &local_err); } g_free(path); + if (local_err) { + error_propagate(errp, local_err); + return; + } + if (new_target) { + object_ref(new_target); + } + *child = new_target; if (old_target != NULL) { object_unref(old_target); }