From 322ede62a2abd4e6a239777817abbb23975bbdab Mon Sep 17 00:00:00 2001
From: Amit Shah <amit.shah@redhat.com>
Date: Wed, 2 Nov 2011 09:40:08 +0100
Subject: [PATCH 04/11] qemu-char: Check for missing backend name

RH-Author: Amit Shah <amit.shah@redhat.com>
Message-id: <73967f9d9fbb39e3bc3a61edd90a0da398f9c125.1320226803.git.amit.shah@redhat.com>
Patchwork-id: 34831
O-Subject: [RHEL6.3 qemu-kvm PATCH 1/1] qemu-char: Check for missing backend name
Bugzilla: 750738
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>
RH-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
RH-Acked-by: Markus Armbruster <armbru@redhat.com>
RH-Acked-by: Juan Quintela <quintela@redhat.com>

From: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

Check if the backend option is missing before searching the backend
table.  This fixes a NULL pointer dereference when QEMU is invoked with
the following invalid command-line:

  $ qemu -chardev id=foo,path=/tmp/socket

Previously QEMU would segfault, now it produces this error message:

  chardev: "foo" missing backend

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
(cherry picked from commit 1bbd185fa826a2da7c6089b968f9f7d08438c2c8)

Bugzilla: 750738

Signed-off-by: Amit Shah <amit.shah@redhat.com>
---
 qemu-char.c |    5 +++++
 1 files changed, 5 insertions(+), 0 deletions(-)

Signed-off-by: Michal Novotny <minovotn@redhat.com>
---
 qemu-char.c |    5 +++++
 1 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index b11752a..592dfa9 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -2636,6 +2636,11 @@ CharDriverState *qemu_chr_open_opts(QemuOpts *opts,
         return NULL;
     }
 
+    if (qemu_opt_get(opts, "backend") == NULL) {
+        fprintf(stderr, "chardev: \"%s\" missing backend\n",
+                qemu_opts_id(opts));
+        return NULL;
+    }
     for (i = 0; i < ARRAY_SIZE(backend_table); i++) {
         if (strcmp(backend_table[i].name, qemu_opt_get(opts, "backend")) == 0)
             break;
-- 
1.7.7.3