From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
To: Eric Blake <eblake@redhat.com>
Cc: qemu-devel@nongnu.org, armbru@redhat.com, pbonzini@redhat.com,
thuth@redhat.com
Subject: Re: [Qemu-devel] [PATCH v7 30/38] qtest: Avoid passing raw strings through hmp()
Date: Mon, 11 Sep 2017 18:42:01 +0100 [thread overview]
Message-ID: <20170911174200.GF2150@work-vm> (raw)
In-Reply-To: <20170911172022.4738-31-eblake@redhat.com>
* Eric Blake (eblake@redhat.com) wrote:
> hmp() passes its string argument through the sprintf() family;
> with a proper attribute, gcc -Wformat warns us when we do something
> dangerous like passing a non-constant format string. Fortunately,
> all our strings were safe, but checking whether the string can
> contain an unintended % is easy to avoid and therefore worth doing.
>
> Signed-off-by: Eric Blake <eblake@redhat.com>
>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
> ---
> v7: add GCC_FMT_ATTR here, drop R-b
> ---
> tests/libqtest.h | 8 ++++----
> tests/test-hmp.c | 4 ++--
> 2 files changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/tests/libqtest.h b/tests/libqtest.h
> index 2a21bf4605..5651b77d2f 100644
> --- a/tests/libqtest.h
> +++ b/tests/libqtest.h
> @@ -153,14 +153,14 @@ QDict *qtest_qmp_eventwait_ref(QTestState *s, const char *event);
> /**
> * qtest_hmp:
> * @s: #QTestState instance to operate on.
> - * @fmt...: HMP command to send to QEMU
> + * @fmt...: HMP command to send to QEMU, formats arguments like sprintf().
> *
> * Send HMP command to QEMU via QMP's human-monitor-command.
> * QMP events are discarded.
> *
> * Returns: the command's output. The caller should g_free() it.
> */
> -char *qtest_hmp(QTestState *s, const char *fmt, ...);
> +char *qtest_hmp(QTestState *s, const char *fmt, ...) GCC_FMT_ATTR(2, 3);
>
> /**
> * qtest_hmpv:
> @@ -585,13 +585,13 @@ static inline QDict *qmp_eventwait_ref(const char *event)
>
> /**
> * hmp:
> - * @fmt...: HMP command to send to QEMU
> + * @fmt...: HMP command to send to QEMU, formats arguments like sprintf().
> *
> * Send HMP command to QEMU via QMP's human-monitor-command.
> *
> * Returns: the command's output. The caller should g_free() it.
> */
> -char *hmp(const char *fmt, ...);
> +char *hmp(const char *fmt, ...) GCC_FMT_ATTR(1, 2);
>
> /**
> * get_irq:
> diff --git a/tests/test-hmp.c b/tests/test-hmp.c
> index 7ff47eda13..b3102daea1 100644
> --- a/tests/test-hmp.c
> +++ b/tests/test-hmp.c
> @@ -80,7 +80,7 @@ static void test_commands(void)
> if (verbose) {
> fprintf(stderr, "\t%s\n", hmp_cmds[i]);
> }
> - response = hmp(hmp_cmds[i]);
> + response = hmp("%s", hmp_cmds[i]);
> g_free(response);
> }
>
> @@ -103,7 +103,7 @@ static void test_info_commands(void)
> if (verbose) {
> fprintf(stderr, "\t%s\n", info);
> }
> - resp = hmp(info);
> + resp = hmp("%s", info);
> g_free(resp);
> /* And move forward to the next line */
> info = strchr(endp + 1, '\n');
> --
> 2.13.5
>
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
next prev parent reply other threads:[~2017-09-11 17:42 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-11 17:19 [Qemu-devel] [PATCH v7 00/38] Preliminary libqtest cleanups Eric Blake
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 01/38] test-qga: Kill broken and dead QGA_TEST_SIDE_EFFECTING code Eric Blake
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 02/38] qtest: Don't perform side effects inside assertion Eric Blake
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 03/38] numa-test: Use hmp() Eric Blake
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 04/38] tests: Clean up wait for event Eric Blake
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 05/38] libqtest: Remove dead qtest_instances variable Eric Blake
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 06/38] libqtest: Use qemu_strtoul() Eric Blake
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 07/38] libqtest: Inline qtest_query_target_endianness() Eric Blake
2017-09-12 6:32 ` Thomas Huth
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 08/38] libqos: Track QTestState with QPCIBus Eric Blake
2017-09-11 23:46 ` John Snow
2017-09-12 7:05 ` Thomas Huth
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 09/38] libqos: Track QTestState with QVirtioBus Eric Blake
2017-09-12 7:21 ` Thomas Huth
2017-09-12 13:28 ` Eric Blake
2017-09-13 7:10 ` Thomas Huth
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 10/38] libqos: Move/rename qpci_unplug_acpi_device_test() to pci.c Eric Blake
2017-09-12 7:29 ` Thomas Huth
2017-09-12 13:28 ` Eric Blake
2017-09-13 7:15 ` Thomas Huth
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 11/38] libqos: Use explicit QTestState for pci operations Eric Blake
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 12/38] libqos: Use explicit QTestState for virtio operations Eric Blake
2017-09-12 7:38 ` Thomas Huth
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 13/38] libqos: Use explicit QTestState for fw_cfg operations Eric Blake
2017-09-11 23:49 ` John Snow
2017-09-12 8:55 ` Thomas Huth
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 14/38] libqos: Use explicit QTestState for rtas operations Eric Blake
2017-09-12 9:01 ` Thomas Huth
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 15/38] libqos: Use explicit QTestState for i2c operations Eric Blake
2017-09-12 9:04 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 16/38] libqos: Use explicit QTestState for ahci operations Eric Blake
2017-09-11 23:54 ` John Snow
2017-09-12 9:09 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 17/38] libqos: Use explicit QTestState for remaining libqos operations Eric Blake
2017-09-11 21:30 ` Greg Kurz
2017-09-12 0:01 ` John Snow
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 18/38] ahci-test: Drop dependence on global_qtest Eric Blake
2017-09-12 0:20 ` John Snow
2017-09-12 0:21 ` John Snow
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 19/38] ivshmem-test: " Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 20/38] postcopy-test: " Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 21/38] vhost-user-test: " Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 22/38] qmp-test: " Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 23/38] tests/boot-sector: " Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 24/38] tests/acpi-utils: " Eric Blake
2017-09-12 9:26 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 25/38] wdt_ib700-test: " Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 26/38] libqtest: Merge qtest_end() into qtest_quit() Eric Blake
2017-09-12 0:31 ` John Snow
2017-09-12 9:30 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 27/38] libqtest: Swap order of qtest_init() and qtest_start() Eric Blake
2017-09-12 9:57 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 28/38] libqtest: Add qtest_[v]startf() Eric Blake
2017-09-12 10:14 ` Thomas Huth
2017-09-12 13:32 ` Eric Blake
2017-09-13 7:19 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 29/38] libqtest: Merge qtest_init() into qtest_start() Eric Blake
2017-09-12 10:37 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 30/38] qtest: Avoid passing raw strings through hmp() Eric Blake
2017-09-11 17:42 ` Dr. David Alan Gilbert [this message]
2017-09-12 10:40 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 31/38] libqtest: Merge qtest_clock_*() with clock_*() Eric Blake
2017-09-12 10:45 ` Thomas Huth
2017-09-12 13:35 ` Eric Blake
2017-09-14 4:35 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 32/38] libqtest: Merge qtest_irq*() with irq*() Eric Blake
2017-09-12 10:47 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 33/38] libqtest: Merge qtest_{in, out}[bwl]() with {in, out}[bwl]() Eric Blake
2017-09-12 10:49 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 34/38] libqtest: Merge qtest_{read, write}[bwlq]() with {read, write}[bwlq]() Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 35/38] libqtest: Merge qtest_{mem, buf}{read, write}() with {mem, buf}{read, write}() Eric Blake
2017-09-11 21:35 ` Greg Kurz
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 36/38] libqtest: Merge qtest_memset() with qmemset() Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 37/38] libqtest: Separate qmp_discard_response() from command Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 38/38] libqtest: Merge qtest_hmp() with hmp() Eric Blake
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170911174200.GF2150@work-vm \
--to=dgilbert@redhat.com \
--cc=armbru@redhat.com \
--cc=eblake@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=thuth@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.