From d93a08eb47e248b165e1fa80d5198a91f9ca9e40 Mon Sep 17 00:00:00 2001
From: Alex Jia
Date: Thu, 22 Sep 2011 03:02:44 +0800
Subject: [PATCH] qemu: avoid dereferencing a NULL pointer

* src/qemu/qemu_process.c: Taking if (qemuDomainObjEndJob(driver, obj) == 0) true branch then 'obj' is NULL, virDomainObjIsActive(obj) and virDomainObjUnref(obj) will dereference NULL pointer.

Signed-off-by: Alex Jia
---
 src/qemu/qemu_process.c | 32 +++++++++++++++++---------------
 1 file changed, 17 insertions(+), 15 deletions(-)

diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index bd49b211d3..9fdf846a60 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -2661,22 +2661,24 @@ error:
 if (qemuDomainObjEndJob(driver, obj) == 0)
 obj = NULL;
 
- if (!virDomainObjIsActive(obj)) {
- if (virDomainObjUnref(obj) > 0)
- virDomainObjUnlock(obj);
- qemuDriverUnlock(driver);
- return;
- }
+ if (obj) {
+ if (!virDomainObjIsActive(obj)) {
+ if (virDomainObjUnref(obj) > 0)
+ virDomainObjUnlock(obj);
+ qemuDriverUnlock(driver);
+ return;
+ }
 
- if (virDomainObjUnref(obj) > 0) {
- /* We can't get the monitor back, so must kill the VM
- * to remove danger of it ending up running twice if
- * user tries to start it again later */
- qemuProcessStop(driver, obj, 0, VIR_DOMAIN_SHUTOFF_FAILED);
- if (!obj->persistent)
- virDomainRemoveInactive(&driver->domains, obj);
- else
- virDomainObjUnlock(obj);
+ if (virDomainObjUnref(obj) > 0) {
+ /* We can't get the monitor back, so must kill the VM
+ * to remove danger of it ending up running twice if
+ * user tries to start it again later */
+ qemuProcessStop(driver, obj, 0, VIR_DOMAIN_SHUTOFF_FAILED);
+ if (!obj->persistent)
+ virDomainRemoveInactive(&driver->domains, obj);
+ else
+ virDomainObjUnlock(obj);
+ }
 }
 qemuDriverUnlock(driver);