From: Greg Kurz <groug@kaod.org>
To: "Philippe Mathieu-Daudé" <f4bug@amsat.org>
Cc: David Gibson <david@gibson.dropbear.id.au>,
"Michael S. Tsirkin" <mst@redhat.com>,
Michael Roth <mdroth@linux.vnet.ibm.com>,
qemu-devel@nongnu.org, qemu-ppc@nongnu.org,
Bharata B Rao <bharata@linux.vnet.ibm.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Daniel Henrique Barboza <danielhb@linux.vnet.ibm.com>
Subject: Re: [Qemu-devel] [for-2.11 PATCH 04/26] spapr_drc: use g_strdup_printf() instead of snprintf()
Date: Mon, 31 Jul 2017 12:34:41 +0200 [thread overview]
Message-ID: <20170731123441.488afecf@bahia.lan> (raw)
In-Reply-To: <9a4c0fee-68b7-bf36-674a-2868b827f428@amsat.org>
[-- Attachment #1: Type: text/plain, Size: 3575 bytes --]
On Mon, 31 Jul 2017 07:11:45 -0300
Philippe Mathieu-Daudé <f4bug@amsat.org> wrote:
> Hi David,
>
> On 07/26/2017 12:58 AM, David Gibson wrote:
> > On Tue, Jul 25, 2017 at 07:58:53PM +0200, Greg Kurz wrote:
> >> Passing a stack allocated buffer of arbitrary length to snprintf()
> >> without checking the return value can cause the resultant strings
> >> to be silently truncated.
> >>
> >> Signed-off-by: Greg Kurz <groug@kaod.org>
> >
> > Applied to ppc-for-2.11.
>
> Isn't it 2.10 material?
>
Hi Philippe,
Well... this patch doesn't fix any bug actually since the stack buffers
are large enough. It is more a question of coding style.
Something like below would have been more appropriate I guess:
"Building strings with g_strdup_printf() is a QEMU common practice."
No big deal.
Cheers,
--
Greg
> Regards,
>
> Phil.
>
> >
> >> ---
> >> hw/ppc/spapr_drc.c | 15 +++++++++------
> >> 1 file changed, 9 insertions(+), 6 deletions(-)
> >>
> >> diff --git a/hw/ppc/spapr_drc.c b/hw/ppc/spapr_drc.c
> >> index 15bae5c216a9..e4e8383ec7b5 100644
> >> --- a/hw/ppc/spapr_drc.c
> >> +++ b/hw/ppc/spapr_drc.c
> >> @@ -488,7 +488,7 @@ static void realize(DeviceState *d, Error **errp)
> >> {
> >> sPAPRDRConnector *drc = SPAPR_DR_CONNECTOR(d);
> >> Object *root_container;
> >> - char link_name[256];
> >> + gchar *link_name;
> >> gchar *child_name;
> >> Error *err = NULL;
> >>
> >> @@ -501,11 +501,12 @@ static void realize(DeviceState *d, Error **errp)
> >> * existing in the composition tree
> >> */
> >> root_container = container_get(object_get_root(), DRC_CONTAINER_PATH);
> >> - snprintf(link_name, sizeof(link_name), "%x", spapr_drc_index(drc));
> >> + link_name = g_strdup_printf("%x", spapr_drc_index(drc));
> >> child_name = object_get_canonical_path_component(OBJECT(drc));
> >> trace_spapr_drc_realize_child(spapr_drc_index(drc), child_name);
> >> object_property_add_alias(root_container, link_name,
> >> drc->owner, child_name, &err);
> >> + g_free(link_name);
> >> if (err) {
> >> error_report_err(err);
> >> object_unref(OBJECT(drc));
> >> @@ -521,13 +522,14 @@ static void unrealize(DeviceState *d, Error **errp)
> >> {
> >> sPAPRDRConnector *drc = SPAPR_DR_CONNECTOR(d);
> >> Object *root_container;
> >> - char name[256];
> >> + gchar *name;
> >> Error *err = NULL;
> >>
> >> trace_spapr_drc_unrealize(spapr_drc_index(drc));
> >> root_container = container_get(object_get_root(), DRC_CONTAINER_PATH);
> >> - snprintf(name, sizeof(name), "%x", spapr_drc_index(drc));
> >> + name = g_strdup_printf("%x", spapr_drc_index(drc));
> >> object_property_del(root_container, name, &err);
> >> + g_free(name);
> >> if (err) {
> >> error_report_err(err);
> >> object_unref(OBJECT(drc));
> >> @@ -729,10 +731,11 @@ static const TypeInfo spapr_drc_lmb_info = {
> >> sPAPRDRConnector *spapr_drc_by_index(uint32_t index)
> >> {
> >> Object *obj;
> >> - char name[256];
> >> + gchar *name;
> >>
> >> - snprintf(name, sizeof(name), "%s/%x", DRC_CONTAINER_PATH, index);
> >> + name = g_strdup_printf("%s/%x", DRC_CONTAINER_PATH, index);
> >> obj = object_resolve_path(name, NULL);
> >> + g_free(name);
> >>
> >> return !obj ? NULL : SPAPR_DR_CONNECTOR(obj);
> >> }
> >>
> >
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
next prev parent reply other threads:[~2017-07-31 10:35 UTC|newest]
Thread overview: 100+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-25 17:57 [Qemu-devel] [for-2.11 PATCH 00/26] spapr: add support for PHB hotplug Greg Kurz
2017-07-25 17:58 ` [Qemu-devel] [for-2.11 PATCH 01/26] spapr: move spapr_create_phb() to core machine code Greg Kurz
2017-07-26 3:32 ` Alexey Kardashevskiy
2017-07-26 3:52 ` David Gibson
2017-07-26 8:55 ` Greg Kurz
2017-07-25 17:58 ` [Qemu-devel] [for-2.11 PATCH 02/26] spapr_pci: use memory_region_add_subregion() with DMA windows Greg Kurz
2017-07-26 3:33 ` [Qemu-devel] [Qemu-ppc] " Alexey Kardashevskiy
2017-07-26 3:53 ` David Gibson
2017-07-26 3:56 ` David Gibson
2017-07-25 17:58 ` [Qemu-devel] [for-2.11 PATCH 03/26] spapr_iommu: use g_strdup_printf() instead of snprintf() Greg Kurz
2017-07-26 3:37 ` Alexey Kardashevskiy
2017-07-26 3:57 ` David Gibson
2017-07-26 9:48 ` Greg Kurz
2017-07-25 17:58 ` [Qemu-devel] [for-2.11 PATCH 04/26] spapr_drc: " Greg Kurz
2017-07-26 3:58 ` David Gibson
2017-07-31 10:11 ` Philippe Mathieu-Daudé
2017-07-31 10:34 ` Greg Kurz [this message]
2017-07-31 12:53 ` David Gibson
2017-07-31 14:57 ` Philippe Mathieu-Daudé
2017-07-25 17:59 ` [Qemu-devel] [for-2.11 PATCH 05/26] spapr_iommu: convert TCE table object to realize() Greg Kurz
2017-07-26 4:00 ` David Gibson
2017-07-26 4:15 ` [Qemu-devel] [Qemu-ppc] " Alexey Kardashevskiy
2017-07-25 17:59 ` [Qemu-devel] [for-2.11 PATCH 06/26] spapr_pci: parent the MSI memory region to the PHB Greg Kurz
2017-07-26 4:01 ` David Gibson
2017-07-26 4:29 ` [Qemu-devel] [Qemu-ppc] " Alexey Kardashevskiy
2017-07-26 13:56 ` Greg Kurz
2017-07-25 17:59 ` [Qemu-devel] [for-2.11 PATCH 07/26] spapr_drc: fix realize and unrealize Greg Kurz
2017-07-26 4:04 ` David Gibson
2017-07-26 9:36 ` Greg Kurz
2017-07-27 3:44 ` David Gibson
2017-07-25 17:59 ` [Qemu-devel] [for-2.11 PATCH 08/26] spapr_drc: add unrealize method to physical DRC class Greg Kurz
2017-07-26 4:06 ` David Gibson
2017-07-26 14:22 ` Greg Kurz
2017-07-25 17:59 ` [Qemu-devel] [for-2.11 PATCH 09/26] spapr_drc: pass object ownership to parent/owner Greg Kurz
2017-07-26 4:07 ` David Gibson
2017-07-25 18:00 ` [Qemu-devel] [for-2.11 PATCH 10/26] spapr_iommu: " Greg Kurz
2017-07-26 4:08 ` David Gibson
2017-07-25 18:00 ` [Qemu-devel] [for-2.11 PATCH 11/26] spapr_iommu: unregister vmstate at unrealize time Greg Kurz
2017-07-26 4:15 ` David Gibson
2017-07-25 18:00 ` [Qemu-devel] [for-2.11 PATCH 12/26] pci: allow cleanup/unregistration of PCI buses Greg Kurz
2017-07-25 18:00 ` [Qemu-devel] [for-2.11 PATCH 13/26] qdev: store DeviceState's canonical path to use when unparenting Greg Kurz
2017-07-26 5:24 ` David Gibson
2017-07-26 12:03 ` Michael Roth
2017-07-27 16:50 ` Greg Kurz
2017-07-28 2:59 ` David Gibson
2017-07-25 18:01 ` [Qemu-devel] [for-2.11 PATCH 14/26] spapr_pci: add PHB unrealize Greg Kurz
2017-07-25 18:01 ` [Qemu-devel] [for-2.11 PATCH 15/26] spapr: add pseries-2.11 machine type Greg Kurz
2017-07-26 5:28 ` David Gibson
2017-07-25 18:01 ` [Qemu-devel] [for-2.11 PATCH 16/26] spapr: enable PHB hotplug for pseries-2.11 Greg Kurz
2017-07-26 4:42 ` [Qemu-devel] [Qemu-ppc] " Alexey Kardashevskiy
2017-07-26 14:32 ` Greg Kurz
2017-07-27 15:52 ` Michael Roth
2017-07-25 18:01 ` [Qemu-devel] [for-2.11 PATCH 17/26] spapr_pci: introduce drc_id property Greg Kurz
2017-07-28 3:46 ` David Gibson
2017-07-25 18:01 ` [Qemu-devel] [for-2.11 PATCH 18/26] spapr: create DR connectors for PHBs Greg Kurz
2017-07-28 3:49 ` David Gibson
2017-07-28 10:30 ` Greg Kurz
2017-07-31 2:58 ` David Gibson
2017-09-06 11:32 ` [Qemu-devel] [Qemu-ppc] " Greg Kurz
2017-09-13 12:23 ` David Gibson
2017-09-13 12:56 ` Greg Kurz
2017-09-15 9:09 ` David Gibson
2017-07-25 18:02 ` [Qemu-devel] [for-2.11 PATCH 19/26] spapr: populate PHB DRC entries for root DT node Greg Kurz
2017-07-25 20:51 ` Michael Roth
2017-07-26 15:45 ` Greg Kurz
2017-07-26 5:47 ` David Gibson
2017-07-26 15:01 ` Greg Kurz
2017-07-25 18:02 ` [Qemu-devel] [for-2.11 PATCH 20/26] spapr_events: add support for phb hotplug events Greg Kurz
2017-07-25 18:02 ` [Qemu-devel] [for-2.11 PATCH 21/26] qdev: pass an Object * to qbus_set_hotplug_handler() Greg Kurz
2017-07-28 3:50 ` David Gibson
2017-07-25 18:02 ` [Qemu-devel] [for-2.11 PATCH 22/26] spapr_pci: provide node start offset via spapr_populate_pci_dt() Greg Kurz
2017-07-28 3:52 ` David Gibson
2017-07-25 18:02 ` [Qemu-devel] [for-2.11 PATCH 23/26] spapr_pci: add ibm, my-drc-index property for PHB hotplug Greg Kurz
2017-07-25 18:03 ` [Qemu-devel] [for-2.11 PATCH 24/26] spapr: allow guest to update the XICS phandle Greg Kurz
2017-07-26 5:38 ` Alexey Kardashevskiy
2017-07-28 4:02 ` David Gibson
2017-07-28 6:20 ` Thomas Huth
2017-07-31 4:58 ` David Gibson
2017-08-01 2:20 ` Alexey Kardashevskiy
2017-08-01 11:26 ` Greg Kurz
2017-08-02 2:35 ` David Gibson
2017-07-25 18:03 ` [Qemu-devel] [for-2.11 PATCH 25/26] spapr_pci: drop abusive sanity check when migrating the LSI table Greg Kurz
2017-07-28 4:09 ` David Gibson
2017-07-26 3:44 ` [Qemu-devel] [for-2.11 PATCH 00/26] spapr: add support for PHB hotplug Alexey Kardashevskiy
2017-07-26 8:48 ` Greg Kurz
2017-07-26 8:40 ` [Qemu-devel] [for-2.11 PATCH 26/26] spapr: add hotplug hooks " Greg Kurz
2017-07-27 4:41 ` Alexey Kardashevskiy
2017-07-27 17:09 ` Greg Kurz
2017-07-27 18:37 ` Michael Roth
2017-08-01 14:59 ` Greg Kurz
2017-07-28 4:24 ` David Gibson
2017-08-01 15:30 ` Greg Kurz
2017-08-02 2:39 ` David Gibson
2017-08-02 7:43 ` Greg Kurz
2017-07-26 20:31 ` [Qemu-devel] [Qemu-ppc] [for-2.11 PATCH 00/26] spapr: add support " Daniel Henrique Barboza
2017-07-27 16:39 ` Greg Kurz
2017-07-28 3:27 ` Alexey Kardashevskiy
2017-07-28 3:40 ` David Gibson
2017-07-28 5:35 ` Cédric Le Goater
2017-07-28 8:39 ` Greg Kurz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170731123441.488afecf@bahia.lan \
--to=groug@kaod.org \
--cc=bharata@linux.vnet.ibm.com \
--cc=danielhb@linux.vnet.ibm.com \
--cc=david@gibson.dropbear.id.au \
--cc=f4bug@amsat.org \
--cc=mdroth@linux.vnet.ibm.com \
--cc=mst@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-ppc@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).