From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:57752) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WYDVn-00029A-7s for qemu-devel@nongnu.org; Thu, 10 Apr 2014 07:51:24 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1WYDVd-0003PQ-WA for qemu-devel@nongnu.org; Thu, 10 Apr 2014 07:51:19 -0400 Received: from mx1.redhat.com ([209.132.183.28]:27048) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WYDVd-0003PE-Nf for qemu-devel@nongnu.org; Thu, 10 Apr 2014 07:51:09 -0400 Received: from int-mx02.intmail.prod.int.phx2.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id s3ABp9No018919 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Thu, 10 Apr 2014 07:51:09 -0400 Message-ID: <534685AC.201@redhat.com> Date: Thu, 10 Apr 2014 05:51:08 -0600 From: Eric Blake MIME-Version: 1.0 References: <1397118285-11715-1-git-send-email-lersek@redhat.com> <1397118285-11715-2-git-send-email-lersek@redhat.com> In-Reply-To: <1397118285-11715-2-git-send-email-lersek@redhat.com> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="JrgAoivi3bnnSMFfRi4RmCaPPwi9rcBWr" Subject: Re: [Qemu-devel] [PATCH 01/16] cutils: tighten qemu_parse_fd() List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Laszlo Ersek , qemu-devel@nongnu.org This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --JrgAoivi3bnnSMFfRi4RmCaPPwi9rcBWr Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 04/10/2014 02:24 AM, Laszlo Ersek wrote: > qemu_parse_fd() used to handle at least the following strings incorrect= ly: > o "-2": simply let through > o "2147483648": returned as LONG_MAX=3D=3DINT_MAX on ILP32 (with ERANGE= > ignored); implementation-defined behavior on LP64 >=20 > Signed-off-by: Laszlo Ersek > --- > util/cutils.c | 13 ++++++++++--- > 1 file changed, 10 insertions(+), 3 deletions(-) I still think qemu should follow libvirt's lead of wrapping ALL uses of strto*l behind sane wrappers, since this is not the only place in the code base affected by misuse of the function - but that's a story for another day. > =20 > + errno =3D 0; > fd =3D strtol(param, &endptr, 10); > - if (*endptr || (fd =3D=3D 0 && param =3D=3D endptr)) { > + if (param =3D=3D endptr /* no conversion performed */ = || > + errno !=3D 0 /* not representable as long; possibly other= s */ || > + *endptr !=3D '\0' /* final string not empty */ = || > + fd < 0 /* invalid as file descriptor */ = || > + fd > INT_MAX /* not representable as int */) { > return -1; Your comments make it particularly obvious that YOU know how to properly use this function, and hopefully teach future readers. :) Reviewed-by: Eric Blake --=20 Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org --JrgAoivi3bnnSMFfRi4RmCaPPwi9rcBWr Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJTRoWsAAoJEKeha0olJ0NqbRYH/ivFWoAtvaUNC0IbP2QjMLDj IfUeG2t+3z17O+esmPti9rfye3gKxKcvwijFAZnHAfp7loM/q6yH8R+Ztf4lg5uP zNFGC8qPBbJ9x2WzSA8ZpfMTkL79cHidhLCc2RKMlKQwx4o/gNNn2V+XXOPb4w4s +mxMTU/e8FbM3P6kKvbop+/EGr43gWHgYQsyqGl8b7nrh+faUmtyKVBBFMQ362mJ Y375OlVvN8B1fucXXz/SAqBGHArScypXhagUyPHPZpAHZVN8+ZFYNkN3gS3/BPJv Jhdp3cuipGIQsl8ObEvO8+76INSlqgDP28VvaMEq3dPEv2wVLCwg9XleW8xm/d4= =7jvu -----END PGP SIGNATURE----- --JrgAoivi3bnnSMFfRi4RmCaPPwi9rcBWr--