aboutsummaryrefslogtreecommitdiff
path: root/qapi
diff options
context:
space:
mode:
authorLuiz Capitulino <lcapitulino@redhat.com>2011-11-14 11:25:09 -0200
committerLuiz Capitulino <lcapitulino@redhat.com>2011-11-17 15:15:03 -0200
commit54d50be688aba80e0fd5ba53f23a074a0ce2e381 (patch)
tree399651a6203a4c93ecd6eca56d4ca199a109bba1 /qapi
parent3f5bd4e1b874590d3d76e031530799a4610da6dc (diff)
downloadqemu-54d50be688aba80e0fd5ba53f23a074a0ce2e381.zip
qemu-54d50be688aba80e0fd5ba53f23a074a0ce2e381.tar.gz
qemu-54d50be688aba80e0fd5ba53f23a074a0ce2e381.tar.bz2
qapi: Check for negative enum values
We don't currently check for negative enum values in qmp_output_type_enum(), this will very likely generate a segfault when triggered. However, it _seems_ that no code in tree can trigger this today. Acked-by: Michael Roth <mdroth@linux.vnet.ibm.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Diffstat (limited to 'qapi')
-rw-r--r--qapi/qmp-output-visitor.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/qapi/qmp-output-visitor.c b/qapi/qmp-output-visitor.c
index d67724e..f76d015 100644
--- a/qapi/qmp-output-visitor.c
+++ b/qapi/qmp-output-visitor.c
@@ -190,7 +190,7 @@ static void qmp_output_type_enum(Visitor *v, int *obj, const char *strings[],
assert(strings);
while (strings[i++] != NULL);
- if (value >= i - 1) {
+ if (value < 0 || value >= i - 1) {
error_set(errp, QERR_INVALID_PARAMETER, name ? name : "null");
return;
}