mirror of
https://github.com/Motorhead1991/qemu.git
synced 2026-03-01 23:54:54 -07:00
Passing an uninitialised list to visit_start_list() happens to work for the QObject output visitor because it treats the pointer as an opaque value and never dereferences it, but the string output visitor expects a valid list to check if it has more than one element.

The existing code crashes with the string output visitor if the uninitialised value is non-NULL. Passing an explicit NULL would fix the crash, but still result in wrong output.

Rework get_prop_array() so that it conforms to the expectations that the string output visitor has. This includes building a real list first and using visit_next_list() to iterate it.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1993
Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Tested-by: Dan Hoffman <dhoff749@gmail.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-ID: <20231121173416.346610-2-kwolf@redhat.com>

| | | |
|---|---|---|
| bus.c | ||
| clock-vmstate.c | ||
| clock.c | ||
| cpu-common.c | ||
| cpu-sysemu.c | ||
| fw-path-provider.c | ||
| generic-loader.c | ||
| gpio.c | ||
| guest-loader.c | ||
| guest-loader.h | ||
| hotplug-stubs.c | ||
| hotplug.c | ||
| irq.c | ||
| Kconfig | ||
| loader-fit.c | ||
| loader.c | ||
| machine-hmp-cmds.c | ||
| machine-qmp-cmds.c | ||
| machine-smp.c | ||
| machine.c | ||
| meson.build | ||
| nmi.c | ||
| null-machine.c | ||
| numa.c | ||
| or-irq.c | ||
| platform-bus.c | ||
| ptimer.c | ||
| qdev-clock.c | ||
| qdev-fw.c | ||
| qdev-hotplug.c | ||
| qdev-prop-internal.h | ||
| qdev-properties-system.c | ||
| qdev-properties.c | ||
| qdev.c | ||
| register.c | ||
| reset.c | ||
| resettable.c | ||
| split-irq.c | ||
| stream.c | ||
| sysbus-fdt.c | ||
| sysbus.c | ||
| trace-events | ||
| trace.h | ||
| uboot_image.h | ||
| vm-change-state-handler.c | ||
| vmstate-if.c | ||