From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Markus Armbruster <armbru@redhat.com>
Cc: "Akihiko Odaki" <odaki@rsg.ci.i.u-tokyo.ac.jp>,
qemu-devel@nongnu.org,
"Viktor Prutyanov" <viktor.prutyanov@phystech.edu>,
"Alex Williamson" <alex@shazbot.org>,
"Cédric Le Goater" <clg@redhat.com>,
"Michael Roth" <michael.roth@amd.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Marc-André Lureau" <marcandre.lureau@redhat.com>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
"Keith Busch" <kbusch@kernel.org>,
"Klaus Jensen" <its@irrelevant.dk>,
"Jesper Devantier" <foss@defmacro.it>,
qemu-block@nongnu.org
Subject: Re: [PATCH v2 3/4] tests: Grow buffers for double string
Date: Mon, 2 Mar 2026 11:57:59 +0000 [thread overview]
Message-ID: <aaV7R4NFhHvEShti@redhat.com> (raw)
In-Reply-To: <87pl5m1mad.fsf@pond.sub.org>
On Mon, Mar 02, 2026 at 12:52:10PM +0100, Markus Armbruster wrote:
> Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp> writes:
>
> > A string that represents a double can be long if it is an exponentially
> > large number.
> >
> > Signed-off-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp>
> > ---
> > tests/unit/test-qobject-input-visitor.c | 2 +-
> > tests/unit/test-qobject-output-visitor.c | 2 +-
> > 2 files changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/tests/unit/test-qobject-input-visitor.c b/tests/unit/test-qobject-input-visitor.c
> > index 84bdcdf702e0..baff9243313c 100644
> > --- a/tests/unit/test-qobject-input-visitor.c
> > +++ b/tests/unit/test-qobject-input-visitor.c
> > @@ -583,7 +583,7 @@ static void test_visitor_in_list_struct(TestInputVisitorData *data,
> >
> > i = 0;
> > for (num_list = arrs->number; num_list; num_list = num_list->next) {
> > - char expected[32], actual[32];
> > + char expected[318], actual[318];
>
> Where does 318 come from?
If we're concerned about buffer sizes being too short, then that
is a strong sign we should be using g_strdup_printf instead of
sprintf with a bigger magic size.
As you say below though, it is better if we eliminate the string
formatting entirely here since it is irrelevant for the goals of
this test.
>
> >
> > sprintf(expected, "%.6f", (double)i / 3);
> > sprintf(actual, "%.6f", num_list->value);
> g_assert_cmpstr(expected, ==, actual);
> i++;
> }
>
> Existing code is safe, because the numbers run from 0, 1.0/3, ...,
> 31.0/3.
>
> Its purpose is to check the input visitor parses number arrays
> correctly. Doing it this way is questionable. Elsewhere in this file,
> we get away with the equivalent of
>
> g_assert_cmpfloat(num_list->value, ==, (double)i / 3);
>
> Yes, double can't represent the fractions exactly, but if we're
> concerned about that, we should test the difference is less than
> epsilon, or simply use representable values.
>
> > diff --git a/tests/unit/test-qobject-output-visitor.c b/tests/unit/test-qobject-output-visitor.c
> > index 407ab9ed505a..ae05a726f775 100644
> > --- a/tests/unit/test-qobject-output-visitor.c
> > +++ b/tests/unit/test-qobject-output-visitor.c
> > @@ -571,7 +571,7 @@ static void test_visitor_out_list_struct(TestOutputVisitorData *data,
> > i = 0;
> > QLIST_FOREACH_ENTRY(qlist, e) {
> > QNum *qvalue = qobject_to(QNum, qlist_entry_obj(e));
> > - char expected[32], actual[32];
> > + char expected[318], actual[318];
> >
> > g_assert(qvalue);
> > sprintf(expected, "%.6f", (double)i / 3);
>
> Likewise.
>
With regards,
Daniel
--
|: https://berrange.com ~~ https://hachyderm.io/@berrange :|
|: https://libvirt.org ~~ https://entangle-photo.org :|
|: https://pixelfed.art/berrange ~~ https://fstop138.berrange.com :|
next prev parent reply other threads:[~2026-03-02 11:59 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-02 7:48 [PATCH v2 0/4] Fix use-after-free and make format overflow more difficult Akihiko Odaki
2026-03-02 7:48 ` [PATCH v2 1/4] contrib/elf2dmp: Grow PDB URL buffer Akihiko Odaki
2026-03-02 7:48 ` [PATCH v2 2/4] vfio/pci: Grow buffer in vfio_pci_host_match() Akihiko Odaki
2026-03-02 18:59 ` Alex Williamson
2026-03-02 7:48 ` [PATCH v2 3/4] tests: Grow buffers for double string Akihiko Odaki
2026-03-02 11:52 ` Markus Armbruster
2026-03-02 11:57 ` Daniel P. Berrangé [this message]
2026-03-02 12:54 ` Akihiko Odaki
2026-03-02 7:48 ` [PATCH v2 4/4] meson: Add -Wformat-overflow=2 Akihiko Odaki
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aaV7R4NFhHvEShti@redhat.com \
--to=berrange@redhat.com \
--cc=alex@shazbot.org \
--cc=armbru@redhat.com \
--cc=clg@redhat.com \
--cc=foss@defmacro.it \
--cc=its@irrelevant.dk \
--cc=kbusch@kernel.org \
--cc=marcandre.lureau@redhat.com \
--cc=michael.roth@amd.com \
--cc=odaki@rsg.ci.i.u-tokyo.ac.jp \
--cc=pbonzini@redhat.com \
--cc=philmd@linaro.org \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=viktor.prutyanov@phystech.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.