[Qemu-devel] [PULL 10/21] Add qemu_get_counted_string to read a string prefixed by a count byte

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: Juan Quintela <quintela@redhat.com>
To: qemu-devel@nongnu.org
Cc: amit.shah@redhat.com, "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Subject: [Qemu-devel] [PULL 10/21] Add qemu_get_counted_string to read a string prefixed by a count byte
Date: Wed,  3 Jun 2015 14:05:46 +0200	[thread overview]
Message-ID: <1433333157-9939-11-git-send-email-quintela@redhat.com> (raw)
In-Reply-To: <1433333157-9939-1-git-send-email-quintela@redhat.com>

From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>

and use it in loadvm_state and ram_load.

Where ever it's used, check the return and error if it failed.

Minor: ram_load was using a 257 byte array for its string, the
       maximum length is 255 bytes + 0 terminator, so fix to 256

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
---
 include/migration/qemu-file.h |  3 +++
 migration/qemu-file.c         | 17 +++++++++++++++++
 migration/savevm.c            | 11 ++++++-----
 3 files changed, 26 insertions(+), 5 deletions(-)

diff --git a/include/migration/qemu-file.h b/include/migration/qemu-file.h
index a01c5b8..318aa1e 100644
--- a/include/migration/qemu-file.h
+++ b/include/migration/qemu-file.h
@@ -312,4 +312,7 @@ static inline void qemu_get_sbe64s(QEMUFile *f, int64_t *pv)
 {
     qemu_get_be64s(f, (uint64_t *)pv);
 }
+
+size_t qemu_get_counted_string(QEMUFile *f, char buf[256]);
+
 #endif
diff --git a/migration/qemu-file.c b/migration/qemu-file.c
index 2750365..0ef543a 100644
--- a/migration/qemu-file.c
+++ b/migration/qemu-file.c
@@ -585,3 +585,20 @@ int qemu_put_qemu_file(QEMUFile *f_des, QEMUFile *f_src)
     }
     return len;
 }
+
+/*
+ * Get a string whose length is determined by a single preceding byte
+ * A preallocated 256 byte buffer must be passed in.
+ * Returns: len on success and a 0 terminated string in the buffer
+ *          else 0
+ *          (Note a 0 length string will return 0 either way)
+ */
+size_t qemu_get_counted_string(QEMUFile *f, char buf[256])
+{
+    size_t len = qemu_get_byte(f);
+    size_t res = qemu_get_buffer(f, (uint8_t *)buf, len);
+
+    buf[res] = 0;
+
+    return res == len ? res : 0;
+}
diff --git a/migration/savevm.c b/migration/savevm.c
index 002f9b8..2b0aa65 100644
--- a/migration/savevm.c
+++ b/migration/savevm.c
@@ -973,8 +973,7 @@ int qemu_loadvm_state(QEMUFile *f)
     while ((section_type = qemu_get_byte(f)) != QEMU_VM_EOF) {
         uint32_t instance_id, version_id, section_id;
         SaveStateEntry *se;
-        char idstr[257];
-        int len;
+        char idstr[256];

         trace_qemu_loadvm_state_section(section_type);
         switch (section_type) {
@@ -982,9 +981,11 @@ int qemu_loadvm_state(QEMUFile *f)
         case QEMU_VM_SECTION_FULL:
             /* Read section start */
             section_id = qemu_get_be32(f);
-            len = qemu_get_byte(f);
-            qemu_get_buffer(f, (uint8_t *)idstr, len);
-            idstr[len] = 0;
+            if (!qemu_get_counted_string(f, idstr)) {
+                error_report("Unable to read ID string for section %u",
+                            section_id);
+                return -EINVAL;
+            }
             instance_id = qemu_get_be32(f);
             version_id = qemu_get_be32(f);

-- 
2.4.1

next prev parent reply	other threads:[~2015-06-03 12:06 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-06-03 12:05 [Qemu-devel] [PULL 00/21] Migration pull request Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 01/21] migration: move ram stuff to migration/ram Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 02/21] migration: move savevm.c inside migration/ Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 03/21] migration: Add myself to the copyright list of both files Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 04/21] migration: reduce include files Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 05/21] arch_init: Clean up the duplicate variable 'len' defining in ram_load() Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 06/21] rdma: Fix qemu crash when IPv6 address is used for migration Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 07/21] migration: Remove duplicated assignment of SETUP status Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 08/21] migration: create savevm_state Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 09/21] migration: Use normal VMStateDescriptions for Subsections Juan Quintela
2015-06-03 12:05 ` Juan Quintela [this message]
2015-06-03 12:05 ` [Qemu-devel] [PULL 11/21] Split header writing out of qemu_savevm_state_begin Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 12/21] qemu_ram_foreach_block: pass up error value, and down the ramblock name Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 13/21] Create MigrationIncomingState Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 14/21] Move copy out of qemu_peek_buffer Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 15/21] Move loadvm_handlers into MigrationIncomingState Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 16/21] Merge section header writing Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 17/21] Disable section footers on older machine types Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 18/21] Add a protective section footer Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 19/21] Teach analyze-migration.py about section footers Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 20/21] Rename RDMA structures to make destination clear Juan Quintela
2015-06-03 12:05 ` [Qemu-devel] [PULL 21/21] Remove unneeded memset Juan Quintela
2015-06-04 11:48 ` [Qemu-devel] [PULL 00/21] Migration pull request Peter Maydell
2015-06-04 13:01   ` Juan Quintela
  -- strict thread matches above, loose matches on Subject: below --
2015-06-12  5:03 [Qemu-devel] [PULL v2 00/21] migration " Juan Quintela
2015-06-12  5:03 ` [Qemu-devel] [PULL 10/21] Add qemu_get_counted_string to read a string prefixed by a count byte Juan Quintela

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:a01c5b8 dfblob:318aa1e dfblob:2750365 dfblob:0ef543a
dfblob:002f9b8 dfblob:2b0aa65 )
 OR (
bs:"[Qemu-devel] [PULL 10/21] Add qemu_get_counted_string to read a string prefixed by a count byte" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1433333157-9939-11-git-send-email-quintela@redhat.com \
    --to=quintela@redhat.com \
    --cc=amit.shah@redhat.com \
    --cc=dgilbert@redhat.com \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).