[Spice-devel] [PATCH] server: guest_set_client_capabilities: protect against NULL worker->display_channel

Tue Dec 18 07:57:39 PST 2012

Reported-by: Michal Luscon <mluscon at redhat.com>

Found by a Coverity scan:
  in handle_dev_start -
    Checking "worker->display_channel" implies that "worker->display_channel"
	         might be NULL.
    Passing "worker" to function "guest_set_client_capabilities"
  in guest_set_client_capabilities -
    Directly dereferencing parameter "worker->display_channel"
---
 server/red_worker.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/server/red_worker.c b/server/red_worker.c
index 530562b..1f01e3b 100644
--- a/server/red_worker.c
+++ b/server/red_worker.c
@@ -10344,7 +10344,8 @@ static void guest_set_client_capabilities(RedWorker *worker)
         worker->set_client_capabilities_pending = 1;
         return;
     }
-    if (worker->display_channel->common.base.clients_num == 0) {
+    if ((worker->display_channel == NULL) ||
+        (worker->display_channel->common.base.clients_num == 0)) {
         worker->qxl->st->qif->set_client_capabilities(worker->qxl, FALSE, caps);
     } else {
         // Take least common denominator
-- 
1.7.1

