diff options
| author | Peter Lieven <pl@kamp.de> | 2017-02-01 10:53:48 +0100 |
|---|---|---|
| committer | Max Reitz <mreitz@redhat.com> | 2017-02-12 00:47:42 +0100 |
| commit | 8d20abe87afa735cd0ae6688bd105c7a27390343 (patch) | |
| tree | 7b5fd58303cefcbc8388a803d58831a466fa63ab | |
| parent | 16e977d506bcc2d9f7daa4a9f7cc2b48536d9da6 (diff) | |
| download | qemu-8d20abe87afa735cd0ae6688bd105c7a27390343.zip qemu-8d20abe87afa735cd0ae6688bd105c7a27390343.tar.gz qemu-8d20abe87afa735cd0ae6688bd105c7a27390343.tar.bz2 | |
block/nfs: fix NULL pointer dereference in URI parsing
parse_uint_full wants to put the parsed value into the
variable passed via its second argument which is NULL.
Fixes: 94d6a7a76e9df9919629428f6c598e2b97d9426c
Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 1485942829-10756-2-git-send-email-pl@kamp.de
Signed-off-by: Max Reitz <mreitz@redhat.com>
| -rw-r--r-- | block/nfs.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/block/nfs.c b/block/nfs.c index a564340..baaecff 100644 --- a/block/nfs.c +++ b/block/nfs.c @@ -108,12 +108,13 @@ static int nfs_parse_uri(const char *filename, QDict *options, Error **errp) qdict_put(options, "path", qstring_from_str(uri->path)); for (i = 0; i < qp->n; i++) { + unsigned long long val; if (!qp->p[i].value) { error_setg(errp, "Value for NFS parameter expected: %s", qp->p[i].name); goto out; } - if (parse_uint_full(qp->p[i].value, NULL, 0)) { + if (parse_uint_full(qp->p[i].value, &val, 0)) { error_setg(errp, "Illegal value for NFS parameter: %s", qp->p[i].name); goto out; |