cb59798846
-bugfix: fix qmp command migrate-set-parameters -some bugfixs about ARM hot-plugged CPUs -hw/core/machine:Fix the missing consideration of cluster-id -test/tcg:Fix target-specific Makefile variable path for user-mode -tests:add (riscv virt) machine mapping to testenv -Make a litte improvement in curl and hw/riscv -qemu support for loongarch -hw/pvrdma: Protect against buggy or malious guest driver -hw/audio/intel-hda:fix stream reset -dsoundaudio:fix crackling audio recordings -add notify-vm-exit support for i386 -blok-backend: prevent dangling BDS pointers across aio_poll() -net:Fix uninitialized data usage -net/eth:Don't consider ESP to be an IPv6 option header -hw/net/vmxnet3:Log guest-triggerable errors using LOG_GUEST_ERROR Signed-off-by: FeiXu <xufei30@huawei.com>
49 lines
1.7 KiB
Diff
49 lines
1.7 KiB
Diff
From 745dd52e9a737f2d1e16fdc79b0f701d63df3606 Mon Sep 17 00:00:00 2001
|
|
From: jianchunfu <jianchunfu_yewu@cmss.chinamobile.com>
|
|
Date: Thu, 16 Mar 2023 16:20:44 +0800
|
|
Subject: [PATCH] curl: Fix error path in curl_open()
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
g_hash_table_destroy() and g_hash_table_foreach_remove() (called by
|
|
curl_drop_all_sockets()) both require the table to be non-NULL, or will
|
|
print assertion failures (just print, no abort).
|
|
There are several paths in curl_open() that can lead to the out_noclean
|
|
label without s->sockets being allocated, so clean it only if it has
|
|
been allocated.
|
|
Example reproducer:
|
|
$ qemu-img info -f http ''
|
|
qemu-img: GLib: g_hash_table_foreach_remove: assertion 'hash_table != NULL' failed
|
|
qemu-img: GLib: g_hash_table_destroy: assertion 'hash_table != NULL' failed
|
|
qemu-img: Could not open '': http curl driver cannot handle the URL '' (does not start with 'http://')
|
|
|
|
Closes: https://gitlab.com/qemu-project/qemu/-/issues/1475
|
|
Suggested-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
Signed-off-by: Hanna Czenczek <hreitz@redhat.com>
|
|
Signed-off-by: jianchunfu <jianchunfu_yewu@cmss.chinamobile.com>
|
|
---
|
|
block/curl.c | 6 ++++--
|
|
1 file changed, 4 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/block/curl.c b/block/curl.c
|
|
index 4a8ae2b269..5aebb08002 100644
|
|
--- a/block/curl.c
|
|
+++ b/block/curl.c
|
|
@@ -821,8 +821,10 @@ out_noclean:
|
|
g_free(s->username);
|
|
g_free(s->proxyusername);
|
|
g_free(s->proxypassword);
|
|
- curl_drop_all_sockets(s->sockets);
|
|
- g_hash_table_destroy(s->sockets);
|
|
+ if (s->sockets) {
|
|
+ curl_drop_all_sockets(s->sockets);
|
|
+ g_hash_table_destroy(s->sockets);
|
|
+ }
|
|
qemu_opts_del(opts);
|
|
return -EINVAL;
|
|
}
|
|
--
|
|
2.27.0
|
|
|