From: Kevin Wolf <kwolf@redhat.com>
To: qemu-block@nongnu.org
Cc: kwolf@redhat.com, qemu-devel@nongnu.org
Subject: [Qemu-devel] [PULL v2 31/40] qemu-io: fix cvtnum lval types
Date: Tue, 10 Nov 2015 15:09:31 +0100 [thread overview]
Message-ID: <1447164580-31094-32-git-send-email-kwolf@redhat.com> (raw)
In-Reply-To: <1447164580-31094-1-git-send-email-kwolf@redhat.com>
From: John Snow <jsnow@redhat.com>
cvtnum() returns int64_t: we should not be storing this
result inside of an int.
In a few cases, we need an extra sprinkling of error handling
where we expect to pass this number on towards a function that
expects something smaller than int64_t.
Reported-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
qemu-io-cmds.c | 123 ++++++++++++++++++++++++++++++++++++++++-----------------
1 file changed, 87 insertions(+), 36 deletions(-)
diff --git a/qemu-io-cmds.c b/qemu-io-cmds.c
index 6e5d1e4..20605f2 100644
--- a/qemu-io-cmds.c
+++ b/qemu-io-cmds.c
@@ -294,9 +294,10 @@ static void qemu_io_free(void *p)
qemu_vfree(p);
}
-static void dump_buffer(const void *buffer, int64_t offset, int len)
+static void dump_buffer(const void *buffer, int64_t offset, int64_t len)
{
- int i, j;
+ uint64_t i;
+ int j;
const uint8_t *p;
for (i = 0, p = buffer; i < len; i += 16) {
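Review bot: The loop index is declared `uint64_t i` but is compared against the now-signed `int64_t len` in `i < len`, so a negative `len` would be converted to a very large unsigned value and the loop would read far past `buffer`. Declaring the index with the bound's type, `int64_t i;`, keeps the comparison signed and turns a negative length into a no-op. The callers and the rest of dump_buffer's body are outside this hunk, so whether a negative length can reach it needs confirming there.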
@@ -319,7 +320,7 @@ static void dump_buffer(const void *buffer, int64_t offset, int len)
}
static void print_report(const char *op, struct timeval *t, int64_t offset,
- int count, int total, int cnt, int Cflag)
+ int64_t count, int64_t total, int cnt, int Cflag)
{
char s1[64], s2[64], ts[64];
@@ -327,12 +328,12 @@ static void print_report(const char *op, struct timeval *t, int64_t offset,
if (!Cflag) {
cvtstr((double)total, s1, sizeof(s1));
cvtstr(tdiv((double)total, *t), s2, sizeof(s2));
- printf("%s %d/%d bytes at offset %" PRId64 "\n",
+ printf("%s %"PRId64"/%"PRId64" bytes at offset %" PRId64 "\n",
op, total, count, offset);
printf("%s, %d ops; %s (%s/sec and %.4f ops/sec)\n",
s1, cnt, ts, s2, tdiv((double)cnt, *t));
} else {/* bytes,ops,time,bytes/sec,ops/sec */
- printf("%d,%d,%s,%.3f,%.3f\n",
+ printf("%"PRId64",%d,%s,%.3f,%.3f\n",
total, cnt, ts,
tdiv((double)total, *t),
tdiv((double)cnt, *t));
@@ -393,11 +394,15 @@ fail:
return buf;
}
-static int do_read(BlockBackend *blk, char *buf, int64_t offset, int count,
- int *total)
+static int do_read(BlockBackend *blk, char *buf, int64_t offset, int64_t count,
+ int64_t *total)
{
int ret;
+ if (count >> 9 > INT_MAX) {
+ return -ERANGE;
+ }
+
ret = blk_read(blk, offset >> 9, (uint8_t *)buf, count >> 9);
if (ret < 0) {
return ret;
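Review bot: The new guard `count >> 9 > INT_MAX` hard-codes the sector shift, while do_co_write_zeroes in this same patch writes the equivalent check as `count >> BDRV_SECTOR_BITS > INT_MAX`. Using the named constant here, `if (count >> BDRV_SECTOR_BITS > INT_MAX) {`, keeps the range checks consistent and easy to audit; the same applies to the guards added in do_write and do_write_compressed. A short comment such as `/* sector count is passed on as an int */` would record why the bound is INT_MAX sectors (presumably the callee's parameter type, which is not visible here). do_read's body continues past the end of the hunk.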
@@ -406,11 +411,15 @@ static int do_read(BlockBackend *blk, char *buf, int64_t offset, int count,
return 1;
}
-static int do_write(BlockBackend *blk, char *buf, int64_t offset, int count,
- int *total)
+static int do_write(BlockBackend *blk, char *buf, int64_t offset, int64_t count,
+ int64_t *total)
{
int ret;
+ if (count >> 9 > INT_MAX) {
+ return -ERANGE;
+ }
+
ret = blk_write(blk, offset >> 9, (uint8_t *)buf, count >> 9);
if (ret < 0) {
return ret;
@@ -419,9 +428,13 @@ static int do_write(BlockBackend *blk, char *buf, int64_t offset, int count,
return 1;
}
-static int do_pread(BlockBackend *blk, char *buf, int64_t offset, int count,
- int *total)
+static int do_pread(BlockBackend *blk, char *buf, int64_t offset,
+ int64_t count, int64_t *total)
{
+ if (count > INT_MAX) {
+ return -ERANGE;
+ }
+
*total = blk_pread(blk, offset, (uint8_t *)buf, count);
if (*total < 0) {
return *total;
@@ -429,9 +442,13 @@ static int do_pread(BlockBackend *blk, char *buf, int64_t offset, int count,
return 1;
}
-static int do_pwrite(BlockBackend *blk, char *buf, int64_t offset, int count,
- int *total)
+static int do_pwrite(BlockBackend *blk, char *buf, int64_t offset,
+ int64_t count, int64_t *total)
{
+ if (count > INT_MAX) {
+ return -ERANGE;
+ }
+
*total = blk_pwrite(blk, offset, (uint8_t *)buf, count);
if (*total < 0) {
return *total;
@@ -442,8 +459,8 @@ static int do_pwrite(BlockBackend *blk, char *buf, int64_t offset, int count,
typedef struct {
BlockBackend *blk;
int64_t offset;
- int count;
- int *total;
+ int64_t count;
+ int64_t *total;
int ret;
bool done;
} CoWriteZeroes;
@@ -463,8 +480,8 @@ static void coroutine_fn co_write_zeroes_entry(void *opaque)
*data->total = data->count;
}
-static int do_co_write_zeroes(BlockBackend *blk, int64_t offset, int count,
- int *total)
+static int do_co_write_zeroes(BlockBackend *blk, int64_t offset, int64_t count,
+ int64_t *total)
{
Coroutine *co;
CoWriteZeroes data = {
@@ -475,6 +492,10 @@ static int do_co_write_zeroes(BlockBackend *blk, int64_t offset, int count,
.done = false,
};
+ if (count >> BDRV_SECTOR_BITS > INT_MAX) {
+ return -ERANGE;
+ }
+
co = qemu_coroutine_create(co_write_zeroes_entry);
qemu_coroutine_enter(co, &data);
while (!data.done) {
@@ -488,10 +509,14 @@ static int do_co_write_zeroes(BlockBackend *blk, int64_t offset, int count,
}
static int do_write_compressed(BlockBackend *blk, char *buf, int64_t offset,
- int count, int *total)
+ int64_t count, int64_t *total)
{
int ret;
+ if (count >> 9 > INT_MAX) {
+ return -ERANGE;
+ }
+
ret = blk_write_compressed(blk, offset >> 9, (uint8_t *)buf, count >> 9);
if (ret < 0) {
return ret;
@@ -501,8 +526,12 @@ static int do_write_compressed(BlockBackend *blk, char *buf, int64_t offset,
}
static int do_load_vmstate(BlockBackend *blk, char *buf, int64_t offset,
- int count, int *total)
+ int64_t count, int64_t *total)
{
+ if (count > INT_MAX) {
+ return -ERANGE;
+ }
+
*total = blk_load_vmstate(blk, (uint8_t *)buf, offset, count);
if (*total < 0) {
return *total;
@@ -511,8 +540,12 @@ static int do_load_vmstate(BlockBackend *blk, char *buf, int64_t offset,
}
static int do_save_vmstate(BlockBackend *blk, char *buf, int64_t offset,
- int count, int *total)
+ int64_t count, int64_t *total)
{
+ if (count > INT_MAX) {
+ return -ERANGE;
+ }
+
*total = blk_save_vmstate(blk, (uint8_t *)buf, offset, count);
if (*total < 0) {
return *total;
@@ -642,10 +675,11 @@ static int read_f(BlockBackend *blk, int argc, char **argv)
int c, cnt;
char *buf;
int64_t offset;
- int count;
+ int64_t count;
/* Some compilers get confused and warn if this is not initialized. */
- int total = 0;
- int pattern = 0, pattern_offset = 0, pattern_count = 0;
+ int64_t total = 0;
+ int pattern = 0;
+ int64_t pattern_offset = 0, pattern_count = 0;
while ((c = getopt(argc, argv, "bCl:pP:qs:v")) != -1) {
switch (c) {
@@ -712,6 +746,9 @@ static int read_f(BlockBackend *blk, int argc, char **argv)
if (count < 0) {
printf("non-numeric length argument -- %s\n", argv[optind]);
return 0;
+ } else if (count > SIZE_MAX) {
+ printf("length cannot exceed %zu, given %s\n", SIZE_MAX, argv[optind]);
+ return 0;
}
if (!Pflag && (lflag || sflag)) {
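Review bot: The added `count > SIZE_MAX` test cannot be true on hosts where size_t is 64 bits wide, because the int64_t `count` is converted to an unsigned 64-bit value for the comparison and can never exceed SIZE_MAX. Lengths up to INT64_MAX therefore pass this check and are only refused later, when the do_* helpers return -ERANGE, which appears to be after the I/O buffer has been sized from `count` (the allocation is outside this hunk, so confirm). Bounding the argument here by the largest request the helpers accept, for example `} else if (count > INT_MAX) {` on the pread path, would reject oversized lengths before any allocation. The identical check added to write_f has the same problem.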
@@ -734,7 +771,7 @@ static int read_f(BlockBackend *blk, int argc, char **argv)
return 0;
}
if (count & 0x1ff) {
- printf("count %d is not sector aligned\n",
+ printf("count %"PRId64" is not sector aligned\n",
count);
return 0;
}
@@ -762,7 +799,7 @@ static int read_f(BlockBackend *blk, int argc, char **argv)
memset(cmp_buf, pattern, pattern_count);
if (memcmp(buf + pattern_offset, cmp_buf, pattern_count)) {
printf("Pattern verification failed at offset %"
- PRId64 ", %d bytes\n",
+ PRId64 ", %"PRId64" bytes\n",
offset + pattern_offset, pattern_count);
}
g_free(cmp_buf);
@@ -957,9 +994,9 @@ static int write_f(BlockBackend *blk, int argc, char **argv)
int c, cnt;
char *buf = NULL;
int64_t offset;
- int count;
+ int64_t count;
/* Some compilers get confused and warn if this is not initialized. */
- int total = 0;
+ int64_t total = 0;
int pattern = 0xcd;
while ((c = getopt(argc, argv, "bcCpP:qz")) != -1) {
@@ -1019,6 +1056,9 @@ static int write_f(BlockBackend *blk, int argc, char **argv)
if (count < 0) {
printf("non-numeric length argument -- %s\n", argv[optind]);
return 0;
+ } else if (count > SIZE_MAX) {
+ printf("length cannot exceed %zu, given %s\n", SIZE_MAX, argv[optind]);
+ return 0;
}
if (!pflag) {
@@ -1029,7 +1069,7 @@ static int write_f(BlockBackend *blk, int argc, char **argv)
}
if (count & 0x1ff) {
- printf("count %d is not sector aligned\n",
+ printf("count %"PRId64" is not sector aligned\n",
count);
return 0;
}
@@ -1777,8 +1817,7 @@ static int discard_f(BlockBackend *blk, int argc, char **argv)
struct timeval t1, t2;
int Cflag = 0, qflag = 0;
int c, ret;
- int64_t offset;
- int count;
+ int64_t offset, count;
while ((c = getopt(argc, argv, "Cq")) != -1) {
switch (c) {
@@ -1808,6 +1847,11 @@ static int discard_f(BlockBackend *blk, int argc, char **argv)
if (count < 0) {
printf("non-numeric length argument -- %s\n", argv[optind]);
return 0;
+ } else if (count >> BDRV_SECTOR_BITS > INT_MAX) {
+ printf("length cannot exceed %"PRIu64", given %s\n",
+ (uint64_t)INT_MAX << BDRV_SECTOR_BITS,
+ argv[optind]);
+ return 0;
}
gettimeofday(&t1, NULL);
@@ -1833,11 +1877,10 @@ out:
static int alloc_f(BlockBackend *blk, int argc, char **argv)
{
BlockDriverState *bs = blk_bs(blk);
- int64_t offset, sector_num;
- int nb_sectors, remaining;
+ int64_t offset, sector_num, nb_sectors, remaining;
char s1[64];
- int num, sum_alloc;
- int ret;
+ int num, ret;
+ int64_t sum_alloc;
offset = cvtnum(argv[1]);
if (offset < 0) {
@@ -1854,6 +1897,10 @@ static int alloc_f(BlockBackend *blk, int argc, char **argv)
if (nb_sectors < 0) {
printf("non-numeric length argument -- %s\n", argv[2]);
return 0;
+ } else if (nb_sectors > INT_MAX) {
+ printf("length argument cannot exceed %d, given %s\n",
+ INT_MAX, argv[2]);
+ return 0;
}
} else {
nb_sectors = 1;
@@ -1881,7 +1928,7 @@ static int alloc_f(BlockBackend *blk, int argc, char **argv)
cvtstr(offset, s1, sizeof(s1));
- printf("%d/%d sectors allocated at offset %s\n",
+ printf("%"PRId64"/%"PRId64" sectors allocated at offset %s\n",
sum_alloc, nb_sectors, s1);
return 0;
}
@@ -2191,10 +2238,14 @@ static const cmdinfo_t sigraise_cmd = {
static int sigraise_f(BlockBackend *blk, int argc, char **argv)
{
- int sig = cvtnum(argv[1]);
+ int64_t sig = cvtnum(argv[1]);
if (sig < 0) {
printf("non-numeric signal number argument -- %s\n", argv[1]);
return 0;
+ } else if (sig > NSIG) {
+ printf("signal argument '%s' is too large to be a valid signal\n",
+ argv[1]);
+ return 0;
}
/* Using raise() to kill this process does not necessarily flush all open
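Review bot: The upper bound `sig > NSIG` still accepts `sig == NSIG`, but NSIG is conventionally one more than the highest valid signal number, so the check should read `} else if (sig >= NSIG) {`. The value is later narrowed from int64_t to the int that raise() takes, so this bound is the only thing keeping the argument in range. The raise() call itself is below the end of this hunk.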
--
1.8.3.1