fw_cfg: fix crash if FW_CFG_WRITE_CHANNEL is used incorrectly

Avoid a crash if the guest combines FW_CFG_WRITE_CHANNEL with a wrong value. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
author: Blue Swirl <blauwirbel@gmail.com> 2011-08-26 18:43:18 +0000
committer: Blue Swirl <blauwirbel@gmail.com> 2011-09-04 06:38:24 +0000
commit: 962d4b2834e6a3b37784391a906b5fe2a7e96b74 (patch)
tree: 5edb226a7487d6dcc1b616b380c8fc4dd8391429 /hw/fw_cfg.c
parent: 9f8d2a093fa5c8d29934a5f5f2ff611907a83cef (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/hw/fw_cfg.c b/hw/fw_cfg.c
index 663ad80116..8df265c61d 100644
--- a/hw/fw_cfg.c
+++ b/hw/fw_cfg.c
@@ -214,7 +214,8 @@ static void fw_cfg_write(FWCfgState *s, uint8_t value)
 
     FW_CFG_DPRINTF("write %d\n", value);
 
-    if (s->cur_entry & FW_CFG_WRITE_CHANNEL && s->cur_offset < e->len) {
+    if (s->cur_entry & FW_CFG_WRITE_CHANNEL && e->callback &&
+        s->cur_offset < e->len) {
         e->data[s->cur_offset++] = value;
         if (s->cur_offset == e->len) {
             e->callback(e->callback_opaque, e->data);
author	Blue Swirl <blauwirbel@gmail.com>	2011-08-26 18:43:18 +0000
committer	Blue Swirl <blauwirbel@gmail.com>	2011-09-04 06:38:24 +0000
commit	962d4b2834e6a3b37784391a906b5fe2a7e96b74 (patch)
tree	5edb226a7487d6dcc1b616b380c8fc4dd8391429 /hw/fw_cfg.c
parent	9f8d2a093fa5c8d29934a5f5f2ff611907a83cef (diff)