fix segfault in setting migration speed

Hi, Whoever wrote this migrate_set_speed function is totally stupid. Any failed or completed migration keeps its state to allow probing of migration data, but has no associated file anymore. It is, thus, possible to crash qemu by calling migrate_set_speed after a migration is finished (or failed, or cancelled), but before another one starts. This patch fixes it. Signed-off-by: Glauber Costa <glommer@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

fix segfault in setting migration speed
Hi, Whoever wrote this migrate_set_speed function is totally stupid. Any failed or completed migration keeps its state to allow probing of migration data, but has no associated file anymore. It is, thus, possible to crash qemu by calling migrate_set_speed after a migration is finished (or failed, or cancelled), but before another one starts. This patch fixes it. Signed-off-by: Glauber Costa <glommer@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Glauber Costa · Anthony Liguori
1 parent 9f6839d4
Showing 1 changed file with 3 additions and 1 deletions
savevm.c
@@ -556,7 +556,9 @@ int qemu_file_rate_limit(QEMUFile *f)
  
 size_t qemu_file_set_rate_limit(QEMUFile *f, size_t new_rate)
 {
-    if (f->set_rate_limit)
+    /* any failed or completed migration keeps its state to allow probing of
+     * migration data, but has no associated file anymore */
+    if (f && f->set_rate_limit)
         return f->set_rate_limit(f->opaque, new_rate);
  
     return 0;