From: "Daniel P. Berrange" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: Peter Maydell <peter.maydell@linaro.org>
Subject: [Qemu-devel] [PULL v1 3/5] qga: convert to use error checked base64 decode
Date: Fri, 18 Dec 2015 16:53:18 +0000 [thread overview]
Message-ID: <1450457600-19865-4-git-send-email-berrange@redhat.com> (raw)
In-Reply-To: <1450457600-19865-1-git-send-email-berrange@redhat.com>
Switch from using g_base64_decode over to qbase64_decode
in order to get error checking of the base64 input data.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
qga/commands-posix.c | 11 +++++++++--
qga/commands-win32.c | 11 +++++++++--
qga/commands.c | 13 ++++++++++++-
3 files changed, 30 insertions(+), 5 deletions(-)
diff --git a/qga/commands-posix.c b/qga/commands-posix.c
index c2ff970..8fe708f 100644
--- a/qga/commands-posix.c
+++ b/qga/commands-posix.c
@@ -29,6 +29,7 @@
#include "qemu/queue.h"
#include "qemu/host-utils.h"
#include "qemu/sockets.h"
+#include "qemu/base64.h"
#ifndef CONFIG_HAS_ENVIRON
#ifdef __APPLE__
@@ -525,7 +526,10 @@ GuestFileWrite *qmp_guest_file_write(int64_t handle, const char *buf_b64,
gfh->state = RW_STATE_NEW;
}
- buf = g_base64_decode(buf_b64, &buf_len);
+ buf = qbase64_decode(buf_b64, -1, &buf_len, errp);
+ if (!buf) {
+ return NULL;
+ }
if (!has_count) {
count = buf_len;
@@ -1963,7 +1967,10 @@ void qmp_guest_set_user_password(const char *username,
char *chpasswddata = NULL;
size_t chpasswdlen;
- rawpasswddata = (char *)g_base64_decode(password, &rawpasswdlen);
+ rawpasswddata = (char *)qbase64_decode(password, -1, &rawpasswdlen, errp);
+ if (!rawpasswddata) {
+ return;
+ }
rawpasswddata = g_renew(char, rawpasswddata, rawpasswdlen + 1);
rawpasswddata[rawpasswdlen] = '\0';
diff --git a/qga/commands-win32.c b/qga/commands-win32.c
index 0654fe4..61ffbdf 100644
--- a/qga/commands-win32.c
+++ b/qga/commands-win32.c
@@ -34,6 +34,7 @@
#include "qapi/qmp/qerror.h"
#include "qemu/queue.h"
#include "qemu/host-utils.h"
+#include "qemu/base64.h"
#ifndef SHTDN_REASON_FLAG_PLANNED
#define SHTDN_REASON_FLAG_PLANNED 0x80000000
@@ -357,7 +358,10 @@ GuestFileWrite *qmp_guest_file_write(int64_t handle, const char *buf_b64,
return NULL;
}
fh = gfh->fh;
- buf = g_base64_decode(buf_b64, &buf_len);
+ buf = qbase64_decode(buf_b64, -1, &buf_len, errp);
+ if (!buf) {
+ return NULL;
+ }
if (!has_count) {
count = buf_len;
@@ -1294,7 +1298,10 @@ void qmp_guest_set_user_password(const char *username,
return;
}
- rawpasswddata = (char *)g_base64_decode(password, &rawpasswdlen);
+ rawpasswddata = (char *)qbase64_decode(password, -1, &rawpasswdlen, errp);
+ if (!rawpasswddata) {
+ return;
+ }
rawpasswddata = g_renew(char, rawpasswddata, rawpasswdlen + 1);
rawpasswddata[rawpasswdlen] = '\0';
diff --git a/qga/commands.c b/qga/commands.c
index bb73e7d..58568d8 100644
--- a/qga/commands.c
+++ b/qga/commands.c
@@ -14,6 +14,7 @@
#include "qga/guest-agent-core.h"
#include "qga-qmp-commands.h"
#include "qapi/qmp/qerror.h"
+#include "qemu/base64.h"
/* Maximum captured guest-exec out_data/err_data - 16MB */
#define GUEST_EXEC_MAX_OUTPUT (16*1024*1024)
@@ -393,10 +394,19 @@ GuestExec *qmp_guest_exec(const char *path,
GIOChannel *in_ch, *out_ch, *err_ch;
GSpawnFlags flags;
bool has_output = (has_capture_output && capture_output);
+ uint8_t *input = NULL;
+ size_t ninput = 0;
arglist.value = (char *)path;
arglist.next = has_arg ? arg : NULL;
+ if (has_input_data) {
+ input = qbase64_decode(input_data, -1, &ninput, err);
+ if (!input) {
+ return NULL;
+ }
+ }
+
argv = guest_exec_get_args(&arglist, true);
envp = has_env ? guest_exec_get_args(env, false) : NULL;
@@ -425,7 +435,8 @@ GuestExec *qmp_guest_exec(const char *path,
g_child_watch_add(pid, guest_exec_child_watch, gei);
if (has_input_data) {
- gei->in.data = g_base64_decode(input_data, &gei->in.size);
+ gei->in.data = input;
+ gei->in.size = ninput;
#ifdef G_OS_WIN32
in_ch = g_io_channel_win32_new_fd(in_fd);
#else
--
2.5.0
next prev parent reply other threads:[~2015-12-18 16:53 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-18 16:53 [Qemu-devel] [PULL v1 0/5] Support for securely passing secrets to QEMU Daniel P. Berrange
2015-12-18 16:53 ` [Qemu-devel] [PULL v1 1/5] util: add base64 decoding function Daniel P. Berrange
2015-12-18 16:53 ` [Qemu-devel] [PULL v1 2/5] qemu-char: convert to use error checked base64 decode Daniel P. Berrange
2015-12-18 16:53 ` Daniel P. Berrange [this message]
2021-08-09 12:51 ` [PULL v1 3/5] qga: " Peter Maydell
2015-12-18 16:53 ` [Qemu-devel] [PULL v1 4/5] crypto: add QCryptoSecret object class for password/key handling Daniel P. Berrange
2015-12-18 16:53 ` [Qemu-devel] [PULL v1 5/5] crypto: add support for loading encrypted x509 keys Daniel P. Berrange
2015-12-18 17:42 ` [Qemu-devel] [PULL v1 0/5] Support for securely passing secrets to QEMU Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1450457600-19865-4-git-send-email-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).