From: GuoHan Zhao <zhaoguohan@kylinos.cn>
Date: Fri, 24 Apr 2026 03:12:59 +0000 (+0800)
Subject: vfio-user: reject malformed migration capabilities
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=346c151da330c42a643a160797167356357cc24e;p=thirdparty%2Fqemu.git

vfio-user: reject malformed migration capabilities

check_migr() sets an error when the migration capability is not an object,
but still returns true.  This lets version negotiation continue with an
Error set and reports the wrong capability name in the diagnostic.

Return false for the malformed capability, and report the migration
capability name.

Fixes: 36227628d824 ("vfio-user: implement message send infrastructure")
Signed-off-by: GuoHan Zhao <zhaoguohan@kylinos.cn>
Reviewed-by: John Levon <john.levon@nutanix.com>
Link: https://lore.kernel.org/qemu-devel/20260424031259.289211-1-zhaoguohan@kylinos.cn
Signed-off-by: Cédric Le Goater <clg@redhat.com>
---

diff --git a/hw/vfio-user/proxy.c b/hw/vfio-user/proxy.c
index 314dfd23d8..8b7cc36231 100644
--- a/hw/vfio-user/proxy.c
+++ b/hw/vfio-user/proxy.c
@@ -1190,8 +1190,8 @@ static bool check_migr(VFIOUserProxy *proxy, QObject *qobj, Error **errp)
     QDict *qdict = qobject_to(QDict, qobj);
 
     if (qdict == NULL) {
-        error_setg(errp, "malformed %s", VFIO_USER_CAP_MAX_FDS);
-        return true;
+        error_setg(errp, "malformed %s", VFIO_USER_CAP_MIGR);
+        return false;
     }
     return caps_parse(proxy, qdict, caps_migr, errp);
 }