Re: [Qemu-devel] [PATCH v2 1/3] qemu-io: fix cvtnum lval types

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: Kevin Wolf <kwolf@redhat.com>
To: John Snow <jsnow@redhat.com>
Cc: qemu-devel@nongnu.org, qemu-block@nongnu.org, mreitz@redhat.com
Subject: Re: [Qemu-devel] [PATCH v2 1/3] qemu-io: fix cvtnum lval types
Date: Tue, 27 Oct 2015 11:57:51 +0100	[thread overview]
Message-ID: <20151027105751.GA6692@noname.str.redhat.com> (raw)
In-Reply-To: <1445903114-22566-2-git-send-email-jsnow@redhat.com>

Am 27.10.2015 um 00:45 hat John Snow geschrieben:
> cvtnum() returns int64_t: we should not be storing this
> result inside of an int.
> 
> In a few cases, we need an extra sprinkling of error handling
> where we expect to pass this number on towards a function that
> expects something smaller than int64_t.
> 
> Reported-by: Max Reitz <mreitz@redhat.com>
> Signed-off-by: John Snow <jsnow@redhat.com>
> Reviewed-by: Eric Blake <eblake@redhat.com>
> ---
>  qemu-io-cmds.c | 31 +++++++++++++++++--------------
>  1 file changed, 17 insertions(+), 14 deletions(-)
> 
> diff --git a/qemu-io-cmds.c b/qemu-io-cmds.c
> index 6e5d1e4..704db89 100644
> --- a/qemu-io-cmds.c
> +++ b/qemu-io-cmds.c
> @@ -642,10 +642,11 @@ static int read_f(BlockBackend *blk, int argc, char **argv)
>      int c, cnt;
>      char *buf;
>      int64_t offset;
> -    int count;
> +    int64_t count;
>      /* Some compilers get confused and warn if this is not initialized.  */
>      int total = 0;
> -    int pattern = 0, pattern_offset = 0, pattern_count = 0;
> +    int pattern = 0;
> +    int64_t pattern_offset = 0, pattern_count = 0;
>  
>      while ((c = getopt(argc, argv, "bCl:pP:qs:v")) != -1) {
>          switch (c) {
> @@ -734,7 +735,7 @@ static int read_f(BlockBackend *blk, int argc, char **argv)
>              return 0;
>          }
>          if (count & 0x1ff) {
> -            printf("count %d is not sector aligned\n",
> +            printf("count %"PRId64" is not sector aligned\n",
>                     count);
>              return 0;
>          }
> @@ -762,7 +763,7 @@ static int read_f(BlockBackend *blk, int argc, char **argv)
>          memset(cmp_buf, pattern, pattern_count);
>          if (memcmp(buf + pattern_offset, cmp_buf, pattern_count)) {
>              printf("Pattern verification failed at offset %"
> -                   PRId64 ", %d bytes\n",
> +                   PRId64 ", %"PRId64" bytes\n",
>                     offset + pattern_offset, pattern_count);
>          }
>          g_free(cmp_buf);

read_f calls a few helper function which only take an int for count:

do_pread(), do_load_vmstate(), do_read() actually perform the request.
These should probably take int64_t as well (and if we want to be really
careful to avoid wraparounds, check limits individually).

qemu_io_alloc() takes size_t, so will wrap around on 32 bit hosts.
Should take int64_t and check against SIZE_MAX.

dump_buffer() also only takes an int, but I hope nobody tries to dump
more than 2 GB...

print_report() should probably be fixed to take int64_t.

And for total to make sense, it probably needs to be converted to
int64_t as well.

> @@ -957,7 +958,7 @@ static int write_f(BlockBackend *blk, int argc, char **argv)
>      int c, cnt;
>      char *buf = NULL;
>      int64_t offset;
> -    int count;
> +    int64_t count;
>      /* Some compilers get confused and warn if this is not initialized.  */
>      int total = 0;
>      int pattern = 0xcd;
> @@ -1029,7 +1030,7 @@ static int write_f(BlockBackend *blk, int argc, char **argv)
>          }
>  
>          if (count & 0x1ff) {
> -            printf("count %d is not sector aligned\n",
> +            printf("count %"PRId64" is not sector aligned\n",
>                     count);
>              return 0;
>          }

For writes, the helper functions to perform the request are different,
but they also only take int: do_pwrite(), do_save_vmstate(),
do_co_write_zeroes(), do_write_compressed(), do_write().

The rest should be fixed when you fix the helpers for read.

> @@ -1777,8 +1778,7 @@ static int discard_f(BlockBackend *blk, int argc, char **argv)
>      struct timeval t1, t2;
>      int Cflag = 0, qflag = 0;
>      int c, ret;
> -    int64_t offset;
> -    int count;
> +    int64_t offset, count;
>  
>      while ((c = getopt(argc, argv, "Cq")) != -1) {
>          switch (c) {

Here, blk_discard() is called directly without a helper function. A
check that the number of sectors fits in an int is missing.

> @@ -1833,11 +1833,10 @@ out:
>  static int alloc_f(BlockBackend *blk, int argc, char **argv)
>  {
>      BlockDriverState *bs = blk_bs(blk);
> -    int64_t offset, sector_num;
> -    int nb_sectors, remaining;
> +    int64_t offset, sector_num, nb_sectors, remaining;
>      char s1[64];
> -    int num, sum_alloc;
> -    int ret;
> +    int num, ret;
> +    int64_t sum_alloc;
>  
>      offset = cvtnum(argv[1]);
>      if (offset < 0) {
> @@ -1881,7 +1880,7 @@ static int alloc_f(BlockBackend *blk, int argc, char **argv)
>  
>      cvtstr(offset, s1, sizeof(s1));
>  
> -    printf("%d/%d sectors allocated at offset %s\n",
> +    printf("%"PRId64"/%"PRId64" sectors allocated at offset %s\n",
>             sum_alloc, nb_sectors, s1);
>      return 0;
>  }

remaining is passed to bdrv_is_allocated() without checking against
INT_MAX first.

Kevin

next prev parent reply	other threads:[~2015-10-27 10:58 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-10-26 23:45 [Qemu-devel] [PATCH v2 0/3] qemu-io: clean up cvtnum usage John Snow
2015-10-26 23:45 ` [Qemu-devel] [PATCH v2 1/3] qemu-io: fix cvtnum lval types John Snow
2015-10-27 10:57   ` Kevin Wolf [this message]
2015-10-26 23:45 ` [Qemu-devel] [PATCH v2 2/3] qemu-io: Check for trailing chars John Snow
2015-10-27 11:05   ` Kevin Wolf
2015-10-26 23:45 ` [Qemu-devel] [PATCH v2 3/3] qemu-io: Correct error messages John Snow
2015-10-27  2:26   ` Eric Blake
2015-10-27 11:08     ` Kevin Wolf
2015-10-27 15:50     ` John Snow
2015-10-27 16:02       ` Kevin Wolf
2015-10-27 16:07       ` Eric Blake
2015-10-27 11:05   ` Kevin Wolf

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20151027105751.GA6692@noname.str.redhat.com \
    --to=kwolf@redhat.com \
    --cc=jsnow@redhat.com \
    --cc=mreitz@redhat.com \
    --cc=qemu-block@nongnu.org \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).