aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarkus Armbruster <armbru@redhat.com>2013-08-02 09:34:00 +0200
committerAnthony Liguori <aliguori@us.ibm.com>2013-08-12 09:15:37 -0500
commitcb77d1925ac4d673e19be58aa39fc53c5d2fed10 (patch)
tree106654b1271da3ba4f59bb3a8e39546c12607314
parent8571fa57cd0426f40629ab77444704745631f168 (diff)
qemu-option: Guard against qemu_opts_set_defaults() misuse
Commit 6d4cd40 fixed qemu_opts_set_defaults() for an existing corner case, but broke it for another one that can't be reached in current code. Quote from its commit message: I believe [opts_parse()] attempts to do the following: If options don't yet exist, create new options Else, if defaults, modify the existing options Else, if list->merge_lists, modify the existing options Else, fail The only caller that passes true for defaults is qemu_opts_set_defaults(). The commit message then claims: A straightforward call of qemu_opts_create() does exactly that. Wrong. When !list->merge_lists, and the option string doesn't contain id=, and options without ID exist, then we don't actually modify the existing options, we create new ones. Not reachable, because we never pass lists with !list->merge_lists to qemu_opts_set_defaults(). Guard against possible (if unlikely) future misuse with assert(). Reported-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1375428840-5275-1-git-send-email-armbru@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
-rw-r--r--util/qemu-option.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/util/qemu-option.c b/util/qemu-option.c
index 7a1552a512..4ebdc4c33c 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -928,6 +928,15 @@ static QemuOpts *opts_parse(QemuOptsList *list, const char *params,
get_opt_value(value, sizeof(value), p+4);
id = value;
}
+
+ /*
+ * This code doesn't work for defaults && !list->merge_lists: when
+ * params has no id=, and list has an element with !opts->id, it
+ * appends a new element instead of returning the existing opts.
+ * However, we got no use for this case. Guard against possible
+ * (if unlikely) future misuse:
+ */
+ assert(!defaults || list->merge_lists);
opts = qemu_opts_create(list, id, !defaults, &local_err);
if (opts == NULL) {
if (error_is_set(&local_err)) {