check for bs->drv in bdrv_flush (Christoph Hellwig)

All the bdrv_ helpers should check for bs->drv being zero as that means there is no backend image open. bdrv_flush fails to perform that check and can thus cause NULL pointer dereferences. Found using qemu-io. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6943 c046a42c-6fe2-441c-8c8c-71466251a162

check for bs->drv in bdrv_flush (Christoph Hellwig)
All the bdrv_ helpers should check for bs->drv being zero as that means there is no backend image open. bdrv_flush fails to perform that check and can thus cause NULL pointer dereferences. Found using qemu-io. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6943 c046a42c-6fe2-441c-8c8c-71466251a162
aliguori
1 parent 999dec57
Showing 1 changed file with 2 additions and 0 deletions
block.c
@@ -1002,6 +1002,8 @@ const char *bdrv_get_device_name(BlockDriverState *bs)
 void bdrv_flush(BlockDriverState *bs)
 {
+    if (!bs->drv)
+        return;
     if (bs->drv->bdrv_flush)
         bs->drv->bdrv_flush(bs);
     if (bs->backing_hd)