Diffstat (limited to 'migration/savevm.c')
-rw-r--r-- | migration/savevm.c | 29 |
1 files changed, 21 insertions, 8 deletions
diff --git a/migration/savevm.c b/migration/savevm.c
index 204012ecef..01997687c4 100644
--- a/migration/savevm.c
+++ b/migration/savevm.c
@@ -590,8 +590,14 @@ int register_savevm_live(DeviceState *dev,
 if (dev) {
 char *id = qdev_get_dev_path(dev);
 if (id) {
- pstrcpy(se->idstr, sizeof(se->idstr), id);
- pstrcat(se->idstr, sizeof(se->idstr), "/");
+ if (snprintf(se->idstr, sizeof(se->idstr), "%s/", id) >=
+ sizeof(se->idstr)) {
+ error_report("Path too long for VMState (%s)", id);
+ g_free(id);
+ g_free(se);
+
+ return -1;
+ }
 g_free(id);
 se->compat = g_new0(CompatEntry, 1);
@@ -656,7 +662,8 @@ void unregister_savevm(DeviceState *dev, const char *idstr, void *opaque)
 int vmstate_register_with_alias_id(DeviceState *dev, int instance_id,
 const VMStateDescription *vmsd, void *opaque, int alias_id,
- int required_for_version)
+ int required_for_version,
+ Error **errp)
 {
 SaveStateEntry *se;
@@ -673,9 +680,14 @@ int vmstate_register_with_alias_id(DeviceState *dev, int instance_id,
 if (dev) {
 char *id = qdev_get_dev_path(dev);
 if (id) {
- pstrcpy(se->idstr, sizeof(se->idstr), id);
- pstrcat(se->idstr, sizeof(se->idstr), "/");
- g_free(id);
+ if (snprintf(se->idstr, sizeof(se->idstr), "%s/", id) >=
+ sizeof(se->idstr)) {
+ error_setg(errp, "Path too long for VMState (%s)", id);
+ g_free(id);
+ g_free(se);
+
+ return -1;
+ }
 se->compat = g_new0(CompatEntry, 1);
 pstrcpy(se->compat->idstr, sizeof(se->compat->idstr), vmsd->name);
@@ -1343,6 +1355,7 @@ static int loadvm_postcopy_handle_advise(MigrationIncomingState *mis)
 }
 if (!postcopy_ram_supported_by_host()) {
+ postcopy_state_set(POSTCOPY_INCOMING_NONE);
 return -1;
 }
@@ -2199,7 +2212,6 @@ void qmp_xen_load_devices_state(const char *filename, Error **errp)
 qio_channel_set_name(QIO_CHANNEL(ioc), "migration-xen-load-state");
 f = qemu_fopen_channel_input(QIO_CHANNEL(ioc));
- migration_incoming_state_new(f);
 ret = qemu_loadvm_state(f);
 qemu_fclose(f);
 if (ret < 0) {
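Review bot: The new failure path in register_savevm_live (first hunk) reports the over-long path only through `error_report` and a `-1` return, so a caller that ignores the return value would carry on with a device whose state was never registered; the callers are not visible here and should be checked. The sibling check in vmstate_register_with_alias_id uses `error_setg(errp, ...)` instead, and a comment such as `/* Fails with -1 and frees se if "<dev path>/" does not fit in se->idstr */` above the check would record the new contract. The comparison mixes the `int` result of `snprintf` with a `size_t`; a negative result converts to a large unsigned value and is rejected too, which is worth a short comment or an explicit `(size_t)` cast after a `< 0` test. The function body starts and ends outside the hunk.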
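Review bot: The success path in vmstate_register_with_alias_id (third hunk) no longer frees `id`: the removed lines include `g_free(id);`, and the added block frees it only just before `return -1`. Every successful registration of a device that has a dev path therefore appears to leak the string returned by `qdev_get_dev_path()`, unless it is freed further down outside the hunk. The first hunk keeps `g_free(id);` as a context line right after the new check; this hunk should match it by adding `g_free(id);` after the closing `}` of the length check, before `se->compat = g_new0(CompatEntry, 1);`. The function body starts and continues outside the hunk.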
@@ -2215,6 +2227,7 @@ int load_vmstate(const char *name)
 QEMUFile *f;
 int ret;
 AioContext *aio_context;
+ MigrationIncomingState *mis = migration_incoming_get_current();
 if (!bdrv_all_can_snapshot(&bs)) {
 error_report("Device '%s' is writable but does not support snapshots.",
@@ -2265,7 +2278,7 @@ int load_vmstate(const char *name)
 }
 qemu_system_reset(VMRESET_SILENT);
- migration_incoming_state_new(f);
+ mis->from_src_file = f;
 aio_context_acquire(aio_context);
 ret = qemu_loadvm_state(f); |
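Review bot: In load_vmstate, `mis->from_src_file = f;` stores the QEMUFile in the shared incoming-migration state, but nothing visible in the hunk clears that pointer again. If `f` is closed after `qemu_loadvm_state(f)` (outside the hunk), the global state keeps a stale pointer that a later teardown or reuse of the incoming state could dereference or close a second time. Consider resetting it after the close, e.g. `mis->from_src_file = NULL;`, or add a comment stating which function owns and closes the file. The qmp_xen_load_devices_state hunk drops `migration_incoming_state_new(f)` without an equivalent assignment, so the two load paths now differ in whether `from_src_file` is set; a one-line comment there explaining why it is not needed would help. load_vmstate's body continues outside both hunks.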