From mboxrd@z Thu Jan 1 00:00:00 1970
Date: Mon, 3 Feb 2014 10:34:29 +0000
From: "Daniel P. Berrange"
Message-ID: <20140203103429.GB10408@redhat.com>
References: <52EF68CA.9060604@gmail.com>
In-Reply-To: <52EF68CA.9060604@gmail.com>
Subject: Re: [Qemu-devel] [PATCH] hw/9pfs/virtio-9p-local.c: use snprintf() instead of sprintf()
To: Chen Gang
Cc: aneesh.kumar@linux.vnet.ibm.com, aliguori@amazon.com, QEMU Developers

On Mon, Feb 03, 2014 at 06:00:42PM +0800, Chen Gang wrote:
> We can not assume "'path' + 'ctx->fs_root'" must be less than MAX_PATH,
> so we need to use snprintf() instead of sprintf().
>
> And also recommend using ARRAY_SIZE instead of a hard-coded macro for an
> array size in snprintf().

In the event that there is overflow this will cause the data to be
truncated, potentially causing QEMU to access the wrong file on the
host.

Both snprintf and sprintf are really bad because of their use of
fixed buffers. Better to change it to g_strdup_printf which dynamically
allocates buffers.

Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
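
The truncation case raised in the reply above, as an added example that is not part of the original message and is not QEMU code. The `"%s/%s"` join, the 17-byte limit and the sample names are assumptions, and `join_alloc()` is a plain-libc stand-in for `g_strdup_printf()` so the block builds without GLib.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SMALL_MAX 17  /* constructed stand-in for a fixed path limit */

/* Unchecked snprintf(): never overruns buf, but silently cuts the path. */
void join_truncating(char buf[SMALL_MAX], const char *root, const char *path)
{
    snprintf(buf, SMALL_MAX, "%s/%s", root, path);
}

/* Checked snprintf(): a return value >= the buffer size means the output
 * was truncated, so fail instead of handing back a shortened path. */
int join_checked(char buf[SMALL_MAX], const char *root, const char *path)
{
    int n = snprintf(buf, SMALL_MAX, "%s/%s", root, path);
    return (n < 0 || n >= SMALL_MAX) ? -1 : 0;
}

/* Heap variant: size the buffer from the arguments, which is what
 * g_strdup_printf() does for its caller. NULL on failure; caller frees. */
char *join_alloc(const char *root, const char *path)
{
    int n = snprintf(NULL, 0, "%s/%s", root, path);
    if (n < 0)
        return NULL;
    char *out = malloc((size_t)n + 1);
    if (out != NULL)
        snprintf(out, (size_t)n + 1, "%s/%s", root, path);
    return out;
}

int main(void)
{
    char buf[SMALL_MAX];
    const char *root = "/export", *path = "data.txt.bak"; /* constructed */

    join_truncating(buf, root, path);
    printf("truncating: %s\n", buf);  /* names a different file */
    printf("checked:    %d\n", join_checked(buf, root, path));
    char *full = join_alloc(root, path);
    printf("allocated:  %s\n", full ? full : "(alloc failed)");
    free(full);
    return 0;
}
```

With the fixed buffer, the request for `data.txt.bak` resolves to `data.txt`, which is the wrong-file outcome the reply warns about; the checked variant rejects the request and the allocating variant preserves the full name.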