From: Mark McLoughlin <markmc@redhat.com>
To: Jan Kiszka <jan.kiszka@siemens.com>
Cc: qemu-devel@nongnu.org
Subject: [Qemu-devel] [PATCH 2/3] net: Real fix for check_params users
Date: Thu, 28 May 2009 16:06:11 +0100 [thread overview]
Message-ID: <1243523171.4046.193.camel@blaa> (raw)
In-Reply-To: <1243523130.4046.189.camel@blaa>
From: Jan Kiszka <jan.kiszka@siemens.com>
OK, last try: 8e4416af45 broke -net socket, ffad4116b9 tried to fix it
but broke error reporting of invalid parameters. So this patch widely
reverts ffad4116b9 again and intead fixes those callers of check_params
that originally suffered from overwritten buffers by using separate
ones.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
---
net.c | 23 ++++++++++++-----------
sysemu.h | 3 ++-
vl.c | 39 ++++++++++++++-------------------------
3 files changed, 28 insertions(+), 37 deletions(-)
diff --git a/net.c b/net.c
index 390d6a6..723e934 100644
--- a/net.c
+++ b/net.c
@@ -1911,7 +1911,7 @@ int net_client_init(const char *device, const char *p)
uint8_t *macaddr;
int idx = nic_get_free_idx();
- if (check_params(nic_params, p) < 0) {
+ if (check_params(buf, sizeof(buf), nic_params, p) < 0) {
fprintf(stderr, "qemu: invalid parameter '%s' in '%s'\n",
buf, p);
return -1;
@@ -1962,7 +1962,7 @@ int net_client_init(const char *device, const char *p)
static const char * const slirp_params[] = {
"vlan", "name", "hostname", "restrict", "ip", NULL
};
- if (check_params(slirp_params, p) < 0) {
+ if (check_params(buf, sizeof(buf), slirp_params, p) < 0) {
fprintf(stderr, "qemu: invalid parameter '%s' in '%s'\n",
buf, p);
return -1;
@@ -2013,7 +2013,7 @@ int net_client_init(const char *device, const char *p)
};
char ifname[64];
- if (check_params(tap_params, p) < 0) {
+ if (check_params(buf, sizeof(buf), tap_params, p) < 0) {
fprintf(stderr, "qemu: invalid parameter '%s' in '%s'\n",
buf, p);
return -1;
@@ -2029,12 +2029,12 @@ int net_client_init(const char *device, const char *p)
#elif defined (_AIX)
#else
if (!strcmp(device, "tap")) {
- char ifname[64];
+ char ifname[64], chkbuf[64];
char setup_script[1024], down_script[1024];
int fd;
vlan->nb_host_devs++;
if (get_param_value(buf, sizeof(buf), "fd", p) > 0) {
- if (check_params(fd_params, p) < 0) {
+ if (check_params(chkbuf, sizeof(chkbuf), fd_params, p) < 0) {
fprintf(stderr, "qemu: invalid parameter '%s' in '%s'\n",
buf, p);
return -1;
@@ -2047,7 +2047,7 @@ int net_client_init(const char *device, const char *p)
static const char * const tap_params[] = {
"vlan", "name", "ifname", "script", "downscript", NULL
};
- if (check_params(tap_params, p) < 0) {
+ if (check_params(chkbuf, sizeof(chkbuf), tap_params, p) < 0) {
fprintf(stderr, "qemu: invalid parameter '%s' in '%s'\n",
buf, p);
return -1;
@@ -2066,9 +2066,10 @@ int net_client_init(const char *device, const char *p)
} else
#endif
if (!strcmp(device, "socket")) {
+ char chkbuf[64];
if (get_param_value(buf, sizeof(buf), "fd", p) > 0) {
int fd;
- if (check_params(fd_params, p) < 0) {
+ if (check_params(chkbuf, sizeof(chkbuf), fd_params, p) < 0) {
fprintf(stderr, "qemu: invalid parameter '%s' in '%s'\n",
buf, p);
return -1;
@@ -2081,7 +2082,7 @@ int net_client_init(const char *device, const char *p)
static const char * const listen_params[] = {
"vlan", "name", "listen", NULL
};
- if (check_params(listen_params, p) < 0) {
+ if (check_params(chkbuf, sizeof(chkbuf), listen_params, p) < 0) {
fprintf(stderr, "qemu: invalid parameter '%s' in '%s'\n",
buf, p);
return -1;
@@ -2091,7 +2092,7 @@ int net_client_init(const char *device, const char *p)
static const char * const connect_params[] = {
"vlan", "name", "connect", NULL
};
- if (check_params(connect_params, p) < 0) {
+ if (check_params(chkbuf, sizeof(chkbuf), connect_params, p) < 0) {
fprintf(stderr, "qemu: invalid parameter '%s' in '%s'\n",
buf, p);
return -1;
@@ -2101,7 +2102,7 @@ int net_client_init(const char *device, const char *p)
static const char * const mcast_params[] = {
"vlan", "name", "mcast", NULL
};
- if (check_params(mcast_params, p) < 0) {
+ if (check_params(chkbuf, sizeof(chkbuf), mcast_params, p) < 0) {
fprintf(stderr, "qemu: invalid parameter '%s' in '%s'\n",
buf, p);
return -1;
@@ -2122,7 +2123,7 @@ int net_client_init(const char *device, const char *p)
char vde_sock[1024], vde_group[512];
int vde_port, vde_mode;
- if (check_params(vde_params, p) < 0) {
+ if (check_params(buf, sizeof(buf), vde_params, p) < 0) {
fprintf(stderr, "qemu: invalid parameter '%s' in '%s'\n",
buf, p);
return -1;
diff --git a/sysemu.h b/sysemu.h
index 92501ed..b57f6bb 100644
--- a/sysemu.h
+++ b/sysemu.h
@@ -267,7 +267,8 @@ void usb_info(Monitor *mon);
int get_param_value(char *buf, int buf_size,
const char *tag, const char *str);
-int check_params(const char * const *params, const char *str);
+int check_params(char *buf, int buf_size,
+ const char * const *params, const char *str);
void register_devices(void);
diff --git a/vl.c b/vl.c
index 975e811..4d04d65 100644
--- a/vl.c
+++ b/vl.c
@@ -1835,45 +1835,34 @@ int get_param_value(char *buf, int buf_size,
return 0;
}
-int check_params(const char * const *params, const char *str)
+int check_params(char *buf, int buf_size,
+ const char * const *params, const char *str)
{
- int name_buf_size = 1;
const char *p;
- char *name_buf;
- int i, len;
- int ret = 0;
-
- for (i = 0; params[i] != NULL; i++) {
- len = strlen(params[i]) + 1;
- if (len > name_buf_size) {
- name_buf_size = len;
- }
- }
- name_buf = qemu_malloc(name_buf_size);
+ int i;
p = str;
while (*p != '\0') {
- p = get_opt_name(name_buf, name_buf_size, p, '=');
+ p = get_opt_name(buf, buf_size, p, '=');
if (*p != '=') {
- ret = -1;
- break;
+ return -1;
}
p++;
- for(i = 0; params[i] != NULL; i++)
- if (!strcmp(params[i], name_buf))
+ for (i = 0; params[i] != NULL; i++) {
+ if (!strcmp(params[i], buf)) {
break;
+ }
+ }
if (params[i] == NULL) {
- ret = -1;
- break;
+ return -1;
}
p = get_opt_value(NULL, 0, p);
- if (*p != ',')
+ if (*p != ',') {
break;
+ }
p++;
}
-
- qemu_free(name_buf);
- return ret;
+ return 0;
}
/***********************************************************/
@@ -2226,7 +2215,7 @@ int drive_init(struct drive_opt *arg, int snapshot, void *opaque)
"cache", "format", "serial", "werror",
NULL };
- if (check_params(params, str) < 0) {
+ if (check_params(buf, sizeof(buf), params, str) < 0) {
fprintf(stderr, "qemu: unknown parameter '%s' in '%s'\n",
buf, str);
return -1;
--
1.6.2.2
next prev parent reply other threads:[~2009-05-28 15:06 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-05-08 10:34 [Qemu-devel] [PATCH 00/11] Networking fixes and slirp enhancements Jan Kiszka
2009-05-08 10:34 ` [Qemu-devel] [PATCH 02/11] net: Fix and improved ordered packet delivery Jan Kiszka
2009-05-08 15:24 ` Mark McLoughlin
2009-05-08 10:34 ` [Qemu-devel] [PATCH 01/11] net: Don't deliver to disabled interfaces in qemu_sendv_packet Jan Kiszka
2009-05-08 15:20 ` Mark McLoughlin
2009-05-08 22:27 ` [Qemu-devel] "FLOSS bounty" ( FB )for running QEMU on SheevaPlug AGSCalabrese
2009-05-08 22:47 ` Marek Vasut
2009-05-08 22:58 ` Paul Brook
2009-05-08 10:34 ` [Qemu-devel] [PATCH 03/11] slirp: Avoid zombie processes after fork_exec Jan Kiszka
2009-05-08 10:34 ` [Qemu-devel] [PATCH 04/11] net: Real fix for check_params users Jan Kiszka
2009-05-19 7:57 ` Mark McLoughlin
2009-05-19 9:34 ` Jan Kiszka
2009-05-19 9:57 ` Mark McLoughlin
2009-05-28 15:04 ` Mark McLoughlin
2009-05-28 15:05 ` [Qemu-devel] [PATCH 1/3] Revert "Fix output of uninitialized strings" Mark McLoughlin
2009-05-28 15:06 ` Mark McLoughlin [this message]
2009-05-28 15:06 ` [Qemu-devel] [PATCH 3/3] net: fix error reporting for some net parameter checks Mark McLoughlin
2009-05-28 15:56 ` [Qemu-devel] " Jan Kiszka
2009-05-28 15:22 ` [Qemu-devel] [PATCH 04/11] net: Real fix for check_params users Kevin Wolf
2009-05-08 10:34 ` [Qemu-devel] [PATCH 10/11] slirp: Rework external configuration interface Jan Kiszka
2009-05-28 15:07 ` Mark McLoughlin
2009-05-28 15:55 ` Jan Kiszka
2009-05-28 17:23 ` Mark McLoughlin
2009-05-28 20:41 ` Jan Kiszka
2009-05-08 10:34 ` [Qemu-devel] [PATCH 07/11] Introduce get_next_param_value Jan Kiszka
2009-05-08 10:34 ` [Qemu-devel] [PATCH 09/11] slirp: Rework internal configuration Jan Kiszka
2009-05-08 10:34 ` [Qemu-devel] [PATCH 08/11] slirp: Move smb, redir, tftp and bootp parameters and -net channel Jan Kiszka
2009-05-28 15:07 ` Mark McLoughlin
2009-05-28 15:52 ` Jan Kiszka
2009-05-29 11:42 ` Paul Brook
2009-05-29 14:19 ` Jan Kiszka
2009-05-29 15:36 ` Paul Brook
2009-05-08 10:34 ` [Qemu-devel] [PATCH 05/11] net: Improve parameter error reporting Jan Kiszka
2009-05-08 10:34 ` [Qemu-devel] [PATCH 06/11] slirp: Reorder initialization Jan Kiszka
2009-05-08 10:34 ` [Qemu-devel] [PATCH 11/11] slirp: Bind support for host forwarding rules Jan Kiszka
2009-05-08 16:25 ` [Qemu-devel] [PATCH 00/11] Networking fixes and slirp enhancements Anthony Liguori
2009-05-08 17:01 ` Jan Kiszka
2009-05-09 7:41 ` [Qemu-devel] [PATCH 08/11 v2] slirp: Move smb, redir, tftp and bootp parameters and -net channel Jan Kiszka
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1243523171.4046.193.camel@blaa \
--to=markmc@redhat.com \
--cc=jan.kiszka@siemens.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).