qemu/core at 50571883f6dad098e1eecfb717ed509451a7a476 - qemu

History

Kevin Wolf 50571883f6 qdev: Fix crash in array property getter Passing an uninitialised list to visit_start_list() happens to work for the QObject output visitor because it treats the pointer as an opaque value and never dereferences it, but the string output visitor expects a valid list to check if it has more than one element. The existing code crashes with the string output visitor if the uninitialised value is non-NULL. Passing an explicit NULL would fix the crash, but still result in wrong output. Rework get_prop_array() so that it conforms to the expectations that the string output visitor has. This includes building a real list first and using visit_next_list() to iterate it. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1993 Reported-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com> Tested-by: Dan Hoffman <dhoff749@gmail.com> Tested-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-ID: <20231121173416.346610-2-kwolf@redhat.com>		2023-11-28 08:12:49 -05:00
..
bus.c
clock-vmstate.c
clock.c	misc: fix commonly doubled up words	2022-08-01 11:58:02 +02:00
cpu-common.c	cpu: Call plugin hooks only when ready	2023-11-08 15:15:23 +00:00
cpu-sysemu.c	memory: follow Error API guidelines	2023-10-19 23:13:27 +02:00
fw-path-provider.c
generic-loader.c	hw/other: spelling fixes	2023-09-21 11:31:16 +03:00
gpio.c
guest-loader.c
guest-loader.h
hotplug-stubs.c
hotplug.c
irq.c	hw/irq: Declare QOM macros using OBJECT_DECLARE_SIMPLE_TYPE()	2023-02-27 13:27:05 +00:00
Kconfig
loader-fit.c
loader.c	hw/core: skip loading debug on all failures	2023-11-23 14:10:06 +00:00
machine-hmp-cmds.c	qapi: Add query-memory-devices support to hv-balloon	2023-11-06 14:08:10 +01:00
machine-qmp-cmds.c	hw/core: Move machine-qmp-cmds.c into the target independent source set	2023-05-16 09:14:18 +02:00
machine-smp.c	CPU topology: extend with s390 specifics	2023-10-20 07:16:53 +02:00
machine.c	igb: Add Function Level Reset to PF and VF	2023-11-13 15:33:37 +08:00
meson.build	meson: Replace softmmu_ss -> system_ss	2023-06-20 10:01:30 +02:00
nmi.c	hw/core: Improve error message when machine doesn't provide NMIs	2023-02-23 14:10:17 +01:00
null-machine.c
numa.c	numa: Check for qemu_strtosz_MiB error	2023-06-02 12:29:27 -05:00
or-irq.c	hw: Replace qemu_or_irq typedef by OrIRQState	2023-02-27 13:27:05 +00:00
platform-bus.c
ptimer.c	replay: Extract core API to 'exec/replay-core.h'	2023-02-27 22:29:01 +01:00
qdev-clock.c	Drop more useless casts from void * to pointer	2022-12-14 16:19:35 +01:00
qdev-fw.c
qdev-hotplug.c
qdev-prop-internal.h
qdev-properties-system.c	qdev: Make netdev properties work as list elements	2023-11-10 18:19:15 +01:00
qdev-properties.c	qdev: Fix crash in array property getter	2023-11-28 08:12:49 -05:00
qdev.c	hw/qdev: Constify DeviceState* argument of qdev_get_parent_bus()	2023-02-27 22:29:01 +01:00
register.c
reset.c	reset: allow registering handlers that aren't called by snapshot loading	2022-10-27 11:34:31 +01:00
resettable.c	hw/core/resettable: fix reset level counting	2022-10-27 10:27:23 +01:00
split-irq.c
stream.c
sysbus-fdt.c	hw/core: Tidy up unnecessary casting away of const	2022-10-22 22:50:27 +02:00
sysbus.c	bulk: Rename TARGET_FMT_plx -> HWADDR_FMT_plx	2023-01-18 11:14:34 +01:00
trace-events	trace-events: remove the remaining vcpu trace events	2023-06-01 11:05:05 -04:00
trace.h
uboot_image.h	hw/core: Sync uboot_image.h from U-Boot v2022.01	2022-05-24 10:38:50 +10:00
vm-change-state-handler.c	qdev: Add qdev_add_vm_change_state_handler_full()	2023-09-11 08:34:05 +02:00
vmstate-if.c