From: Vladimir Sementsov-Ogievskiy Date: Wed, 14 Jan 2026 06:47:07 +0000 (+0300) Subject: qemu-file: qemu_file_get_fd(): fail if no expected fd come X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=030baed787447a430a04e53aea729db5618efa65;p=thirdparty%2Fqemu.git qemu-file: qemu_file_get_fd(): fail if no expected fd come In _put() we don't actually allow send a service byte without fd. So on _get() it's unexpected. Let's be strict. Signed-off-by: Vladimir Sementsov-Ogievskiy Reviewed-by: Fabiano Rosas Link: https://lore.kernel.org/qemu-devel/20260114064710.176268-3-vsementsov@yandex-team.ru Signed-off-by: Fabiano Rosas --- diff --git a/migration/qemu-file.c b/migration/qemu-file.c index 8d82d94416..1f3b4cf4c5 100644 --- a/migration/qemu-file.c +++ b/migration/qemu-file.c @@ -389,28 +389,34 @@ int qemu_file_get_fd(QEMUFile *f) { int fd = -1; FdEntry *fde; + Error *err = NULL; if (!f->can_pass_fd) { - Error *err = NULL; error_setg(&err, "%s does not support fd passing", f->ioc->name); - error_report_err(error_copy(err)); - qemu_file_set_error_obj(f, -EIO, err); - goto out; + goto fail; } /* Force the dummy byte and its fd passenger to appear. */ qemu_peek_byte(f, 0); fde = QTAILQ_FIRST(&f->fds); - if (fde) { - qemu_get_byte(f); /* Drop the dummy byte */ - fd = fde->fd; - QTAILQ_REMOVE(&f->fds, fde, entry); - g_free(fde); + if (!fde) { + error_setg(&err, "%s no FD come with service byte", f->ioc->name); + goto fail; } -out: + + qemu_get_byte(f); /* Drop the dummy byte */ + fd = fde->fd; + QTAILQ_REMOVE(&f->fds, fde, entry); + g_free(fde); + trace_qemu_file_get_fd(f->ioc->name, fd); return fd; + +fail: + error_report_err(error_copy(err)); + qemu_file_set_error_obj(f, -EIO, err); + return -1; } /** Closes the file