Message-ID: <4FBD0C3C.1000505@redhat.com>
Date: Wed, 23 May 2012 10:11:40 -0600
From: Eric Blake
References: <1337721011-20842-1-git-send-email-vianac@linux.vnet.ibm.com> <4FBD0B85.4090605@linux.vnet.ibm.com>
In-Reply-To: <4FBD0B85.4090605@linux.vnet.ibm.com>
Subject: Re: [Qemu-devel] [PATCH 1/1 v4] Allow machines to configure the QEMU_VERSION that's exposed via hardware
To: Crístian Viana
Cc: Peter Maydell, aliguori@us.ibm.com, qemu-devel@nongnu.org

On 05/23/2012 10:08 AM, Crístian Viana wrote:
>> So when you posted the previous version of your patch it was pointed
>> out that this is a buffer overflow:
>> http://lists.gnu.org/archive/html/qemu-devel/2012-04/msg01657.html
>>
>> You need to fix this.
>
> I have sent a reply to that thread explaining that the user actually
> doesn't have control of that string, that is only used internally in the
> code (just like the QEMU_VERSION macro).
> I fixed the code now with snprintf copying at most 12 chars to the
> string (the array size). I can't think of why pstrcat would be better in
> this case, as suggested by Erik.

s/Erik/Eric/, but you're not the first to make that typo.

pstrcat is more efficient than snprintf() - the former is dedicated to a
single task, while the latter has to parse a format string and decode
that it is doing a single %s expansion.  In other words, just because
*printf can do string concatenation doesn't make it the best tool for
the job.

-- 
Eric Blake   eblake@redhat.com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org
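
The thread above is about appending a version string to a 12-byte array without overflowing it, either with a dedicated helper or with snprintf. The C code below is an added example, not code from the patch or from QEMU: `bounded_cat` is a hypothetical stand-in for a dedicated bounded-concatenation helper, `snprintf_cat` does the same job through snprintf, and the version strings and the canary layout are constructed for the demonstration.

```c
#include <stdio.h>
#include <string.h>
#define VER_LEN 12   /* array size mentioned in the thread */

/* Hypothetical dedicated helper: append s to buf without writing past
 * buf_size bytes, always NUL-terminate. Returns 1 if s fit, 0 if truncated. */
static int bounded_cat(char *buf, size_t buf_size, const char *s)
{
    const char *end = memchr(buf, '\0', buf_size);
    if (end == NULL) return 0;      /* buf not terminated inside its bounds */
    size_t used = (size_t)(end - buf);
    size_t room = buf_size - used - 1;      /* one byte reserved for the NUL */
    size_t n = strlen(s);
    size_t copy = n < room ? n : room;
    memcpy(buf + used, s, copy);
    buf[used + copy] = '\0';
    return copy == n;
}

/* Same job via snprintf: it returns the length it wanted to write, so a
 * result >= the remaining space means the string was truncated. */
static int snprintf_cat(char *buf, size_t buf_size, const char *s)
{
    const char *end = memchr(buf, '\0', buf_size);
    if (end == NULL) return 0;
    size_t left = buf_size - (size_t)(end - buf);
    int want = snprintf(buf + (end - buf), left, "%s", s);
    return want >= 0 && (size_t)want < left;
}

/* Run one helper on a VER_LEN-byte field followed by a canary byte
 * (constructed layout). Returns 1 if the canary byte was left untouched. */
static int canary_intact(int (*cat)(char *, size_t, const char *),
                         const char *version, char *out, int *fit)
{
    struct { char ver[VER_LEN]; unsigned char canary; } f = { "", 0xA5 };
    *fit = cat(f.ver, sizeof f.ver, version);
    memcpy(out, f.ver, sizeof f.ver);
    return f.canary == 0xA5;
}

int main(void)
{
    char a[VER_LEN], b[VER_LEN]; int fa, fb;
    canary_intact(bounded_cat, "1.1.0-rc2-constructed", a, &fa);
    canary_intact(snprintf_cat, "1.1.0-rc2-constructed", b, &fb);
    printf("%s fit=%d | %s fit=%d\n", a, fa, b, fb);
    return 0;
}
```

With a 12-byte destination both helpers keep at most 11 characters plus the terminating NUL, and both report truncation so the caller can reject an over-long version string instead of silently exposing a shortened one.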