From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from [140.186.70.92] (port=48523 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1PAlFI-0007bp-9g
	for qemu-devel@nongnu.org; Tue, 26 Oct 2010 11:15:33 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <mst@redhat.com>) id 1PAl5g-0005cl-50
	for qemu-devel@nongnu.org; Tue, 26 Oct 2010 11:05:33 -0400
Received: from mx1.redhat.com ([209.132.183.28]:51467)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mst@redhat.com>) id 1PAl5f-0005cc-Ut
	for qemu-devel@nongnu.org; Tue, 26 Oct 2010 11:05:32 -0400
Received: from int-mx02.intmail.prod.int.phx2.redhat.com
	(int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12])
	by mx1.redhat.com (8.13.8/8.13.8) with ESMTP id o9QF5Usn001209
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK)
	for <qemu-devel@nongnu.org>; Tue, 26 Oct 2010 11:05:30 -0400
Date: Tue, 26 Oct 2010 16:58:50 +0200
From: "Michael S. Tsirkin" <mst@redhat.com>
Message-ID: <20101026145850.GA11763@redhat.com>
References: <20101025053959.10150.69081.stgit@dhcp-91-7.nay.redhat.com.englab.nay.redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20101025053959.10150.69081.stgit@dhcp-91-7.nay.redhat.com.englab.nay.redhat.com>
Subject: [Qemu-devel] Re: [V3 PATCH] net: properly handle illegal fd/vhostfd
 from command line
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Jason Wang <jasowang@redhat.com>
Cc: qemu-devel@nongnu.org, lcapitulino@redhat.com

On Mon, Oct 25, 2010 at 01:39:59PM +0800, Jason Wang wrote:
> When hanlding fd/vhostfd form command line through net_handle_fd_param(),
> we need to check mon and return value of strtol() otherwise we could
> get segmentation fault or invalid fd when user type an illegal fd/vhostfd.
> 
> This patch is based on the suggestions from
> Luiz Capitulino <lcapitulino@redhat.com>.
> 
> Signed-off-by: Jason Wang <jasowang@redhat.com>

Applied.

> ---
>  net.c |   16 +++++++++++-----
>  1 files changed, 11 insertions(+), 5 deletions(-)
> 
> diff --git a/net.c b/net.c
> index ed74c7f..c5e6063 100644
> --- a/net.c
> +++ b/net.c
> @@ -774,19 +774,25 @@ int qemu_find_nic_model(NICInfo *nd, const char * const *models,
>  
>  int net_handle_fd_param(Monitor *mon, const char *param)
>  {
> -    if (!qemu_isdigit(param[0])) {
> -        int fd;
> +    int fd;
> +
> +    if (!qemu_isdigit(param[0]) && mon) {
>  
>          fd = monitor_get_fd(mon, param);
>          if (fd == -1) {
>              error_report("No file descriptor named %s found", param);
>              return -1;
>          }
> -
> -        return fd;
>      } else {
> -        return strtol(param, NULL, 0);
> +        char *endptr = NULL;
> +
> +        fd = strtol(param, &endptr, 10);
> +        if (*endptr || (fd == 0 && param == endptr)) {
> +            return -1;
> +        }
>      }
> +
> +    return fd;
>  }
>  
>  static int net_init_nic(QemuOpts *opts,