From 88f7db846264223f6059ec329e7b7a77026ad475 Mon Sep 17 00:00:00 2001
From: Luiz Capitulino
Date: Wed, 7 Apr 2010 14:49:37 -0300
Subject: QMP: Use QERR_QMP_BAD_INPUT_OBJECT_MEMBER The QERR_QMP_BAD_INPUT_OBJECT error is going to be used only for two problems: the input is not an object or the "execute" key is missing.
Signed-off-by: Luiz Capitulino
---
 monitor.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'monitor.c')
diff --git a/monitor.c b/monitor.c
index c25d551f5c..0611b29d1a 100644
--- a/monitor.c
+++ b/monitor.c
@@ -4404,7 +4404,7 @@ static void handle_qmp_command(JSONMessageParser *parser, QList *tokens)
 qerror_report(QERR_QMP_BAD_INPUT_OBJECT, "execute");
 goto err_input;
 } else if (qobject_type(obj) != QTYPE_QSTRING) {
- qerror_report(QERR_QMP_BAD_INPUT_OBJECT, "string");
+ qerror_report(QERR_QMP_BAD_INPUT_OBJECT_MEMBER, "execute", "string");
 goto err_input;
 }
-- cgit v1.2.3
From 04f8c053cca9c329eebb761f3a1ffef3d349b84c Mon Sep 17 00:00:00 2001
From: Luiz Capitulino
Date: Tue, 6 Apr 2010 16:39:42 -0300
Subject: QMP: Check "arguments" member's type Otherwise the following input crashes QEMU: { "execute": "migrate", "arguments": "tcp:0:4446" }
Signed-off-by: Luiz Capitulino
---
 monitor.c | 3 +++
 1 file changed, 3 insertions(+)
(limited to 'monitor.c')
diff --git a/monitor.c b/monitor.c
index 0611b29d1a..ef8429861b 100644
--- a/monitor.c
+++ b/monitor.c
@@ -4437,6 +4437,9 @@ static void handle_qmp_command(JSONMessageParser *parser, QList *tokens)
 obj = qdict_get(input, "arguments");
 if (!obj) {
 args = qdict_new();
+ } else if (qobject_type(obj) != QTYPE_QDICT) {
+ qerror_report(QERR_QMP_BAD_INPUT_OBJECT_MEMBER, "arguments", "object");
+ goto err_input;
 } else {
 args = qobject_to_qdict(obj);
 QINCREF(args);
-- cgit v1.2.3
From 0e8d2b5575938b8876a3c4bb66ee13c5d306fb6d Mon Sep 17 00:00:00 2001
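Review bot: In handle_qmp_command, the added `else if (qobject_type(obj) != QTYPE_QDICT)` branch carries no comment explaining why the type test has to precede `qobject_to_qdict(obj)`. The commit message shows a client-supplied string in "arguments" crashing QEMU, so this ordering is what keeps malformed QMP input away from the dict conversion. I would put `/* "arguments" is client input: reject anything that is not a dict before converting it */` above the branch. The function starts and ends outside the hunk, so whether the `err_input` path releases everything acquired earlier cannot be confirmed from here. A regression case built from the input quoted in the commit message would keep the check from being lost in a later refactor.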
From: Luiz Capitulino
Date: Tue, 6 Apr 2010 18:55:54 -0300
Subject: Monitor: Return before exiting with 'quit' The 'quit' Monitor command (implemented by do_quit()) calls exit() directly, this is problematic under QMP because QEMU exits before having a chance to send the ok response. Clients don't know if QEMU exited because of a problem or because the 'quit' command has been executed. This commit fixes that by moving the exit() call to the main loop, so that do_quit() requests the system to quit, instead of calling exit() directly.
Signed-off-by: Luiz Capitulino
---
 monitor.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
(limited to 'monitor.c')
diff --git a/monitor.c b/monitor.c
index ef8429861b..0dc24a2f75 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1017,7 +1017,8 @@ static void do_info_cpu_stats(Monitor *mon)
 */
 static int do_quit(Monitor *mon, const QDict *qdict, QObject **ret_data)
 {
- exit(0);
+ monitor_suspend(mon);
+ qemu_system_exit_request();
 return 0;
 }
-- cgit v1.2.3
From e53f27b9d9df73461308618151fa6e6392aebd85 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini
Date: Fri, 16 Apr 2010 17:25:23 +0200
Subject: stash away SCM_RIGHTS fd until a getfd command arrives If there is already a fd in s->msgfd before recvmsg it is closed by parts that this patch does not touch. So, only one descriptor can be "leaked" by attaching it to a command other than getfd.
Signed-off-by: Paolo Bonzini
Signed-off-by: Luiz Capitulino
---
 monitor.c | 9 ---------
 1 file changed, 9 deletions(-)
(limited to 'monitor.c')
diff --git a/monitor.c b/monitor.c
index 0dc24a2f75..754bcc5cc0 100644
--- a/monitor.c
+++ b/monitor.c
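Review bot: In do_quit, the result of `monitor_suspend(mon)` is discarded. Its definition is not in this hunk; if suspending can fail for the calling monitor, that monitor could keep accepting commands between the "quit" reply and the exit now performed by the main loop. Either check the result or document that the gap is acceptable, for example `/* stop reading commands; the main loop exits after the reply has been sent */` above the two new calls. The comment that ends just above do_quit lies outside the hunk and should be checked against the deferred-exit behaviour.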
@@ -2415,15 +2415,6 @@ static int do_getfd(Monitor *mon, const QDict *qdict, QObject **ret_data)
 return -1;
 }
- fd = dup(fd);
- if (fd == -1) {
- if (errno == EMFILE)
- qerror_report(QERR_TOO_MANY_FILES);
- else
- qerror_report(QERR_UNDEFINED_ERROR);
- return -1;
- }
-
 QLIST_FOREACH(monfd, &mon->fds, next) {
 if (strcmp(monfd->name, fdname) != 0) {
 continue;
-- cgit v1.2.3