From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
To: Eric Blake <eblake@redhat.com>
Cc: qemu-devel@nongnu.org, armbru@redhat.com, pbonzini@redhat.com,
thuth@redhat.com
Subject: Re: [Qemu-devel] [PATCH v7 30/38] qtest: Avoid passing raw strings through hmp()
Date: Mon, 11 Sep 2017 18:42:01 +0100 [thread overview]
Message-ID: <20170911174200.GF2150@work-vm> (raw)
In-Reply-To: <20170911172022.4738-31-eblake@redhat.com>
* Eric Blake (eblake@redhat.com) wrote:
> hmp() passes its string argument through the sprintf() family;
> with a proper attribute, gcc -Wformat warns us when we do something
> dangerous like passing a non-constant format string. Fortunately,
> all our strings were safe, but checking whether the string can
> contain an unintended % is easy to avoid and therefore worth doing.
>
> Signed-off-by: Eric Blake <eblake@redhat.com>
>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
> ---
> v7: add GCC_FMT_ATTR here, drop R-b
> ---
> tests/libqtest.h | 8 ++++----
> tests/test-hmp.c | 4 ++--
> 2 files changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/tests/libqtest.h b/tests/libqtest.h
> index 2a21bf4605..5651b77d2f 100644
> --- a/tests/libqtest.h
> +++ b/tests/libqtest.h
> @@ -153,14 +153,14 @@ QDict *qtest_qmp_eventwait_ref(QTestState *s, const char *event);
> /**
> * qtest_hmp:
> * @s: #QTestState instance to operate on.
> - * @fmt...: HMP command to send to QEMU
> + * @fmt...: HMP command to send to QEMU, formats arguments like sprintf().
> *
> * Send HMP command to QEMU via QMP's human-monitor-command.
> * QMP events are discarded.
> *
> * Returns: the command's output. The caller should g_free() it.
> */
> -char *qtest_hmp(QTestState *s, const char *fmt, ...);
> +char *qtest_hmp(QTestState *s, const char *fmt, ...) GCC_FMT_ATTR(2, 3);
>
> /**
> * qtest_hmpv:
> @@ -585,13 +585,13 @@ static inline QDict *qmp_eventwait_ref(const char *event)
>
> /**
> * hmp:
> - * @fmt...: HMP command to send to QEMU
> + * @fmt...: HMP command to send to QEMU, formats arguments like sprintf().
> *
> * Send HMP command to QEMU via QMP's human-monitor-command.
> *
> * Returns: the command's output. The caller should g_free() it.
> */
> -char *hmp(const char *fmt, ...);
> +char *hmp(const char *fmt, ...) GCC_FMT_ATTR(1, 2);
>
> /**
> * get_irq:
> diff --git a/tests/test-hmp.c b/tests/test-hmp.c
> index 7ff47eda13..b3102daea1 100644
> --- a/tests/test-hmp.c
> +++ b/tests/test-hmp.c
> @@ -80,7 +80,7 @@ static void test_commands(void)
> if (verbose) {
> fprintf(stderr, "\t%s\n", hmp_cmds[i]);
> }
> - response = hmp(hmp_cmds[i]);
> + response = hmp("%s", hmp_cmds[i]);
> g_free(response);
> }
>
> @@ -103,7 +103,7 @@ static void test_info_commands(void)
> if (verbose) {
> fprintf(stderr, "\t%s\n", info);
> }
> - resp = hmp(info);
> + resp = hmp("%s", info);
> g_free(resp);
> /* And move forward to the next line */
> info = strchr(endp + 1, '\n');
> --
> 2.13.5
>
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
next prev parent reply other threads:[~2017-09-11 17:42 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-11 17:19 [Qemu-devel] [PATCH v7 00/38] Preliminary libqtest cleanups Eric Blake
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 01/38] test-qga: Kill broken and dead QGA_TEST_SIDE_EFFECTING code Eric Blake
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 02/38] qtest: Don't perform side effects inside assertion Eric Blake
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 03/38] numa-test: Use hmp() Eric Blake
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 04/38] tests: Clean up wait for event Eric Blake
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 05/38] libqtest: Remove dead qtest_instances variable Eric Blake
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 06/38] libqtest: Use qemu_strtoul() Eric Blake
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 07/38] libqtest: Inline qtest_query_target_endianness() Eric Blake
2017-09-12 6:32 ` Thomas Huth
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 08/38] libqos: Track QTestState with QPCIBus Eric Blake
2017-09-11 23:46 ` John Snow
2017-09-12 7:05 ` Thomas Huth
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 09/38] libqos: Track QTestState with QVirtioBus Eric Blake
2017-09-12 7:21 ` Thomas Huth
2017-09-12 13:28 ` Eric Blake
2017-09-13 7:10 ` Thomas Huth
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 10/38] libqos: Move/rename qpci_unplug_acpi_device_test() to pci.c Eric Blake
2017-09-12 7:29 ` Thomas Huth
2017-09-12 13:28 ` Eric Blake
2017-09-13 7:15 ` Thomas Huth
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 11/38] libqos: Use explicit QTestState for pci operations Eric Blake
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 12/38] libqos: Use explicit QTestState for virtio operations Eric Blake
2017-09-12 7:38 ` Thomas Huth
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 13/38] libqos: Use explicit QTestState for fw_cfg operations Eric Blake
2017-09-11 23:49 ` John Snow
2017-09-12 8:55 ` Thomas Huth
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 14/38] libqos: Use explicit QTestState for rtas operations Eric Blake
2017-09-12 9:01 ` Thomas Huth
2017-09-11 17:19 ` [Qemu-devel] [PATCH v7 15/38] libqos: Use explicit QTestState for i2c operations Eric Blake
2017-09-12 9:04 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 16/38] libqos: Use explicit QTestState for ahci operations Eric Blake
2017-09-11 23:54 ` John Snow
2017-09-12 9:09 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 17/38] libqos: Use explicit QTestState for remaining libqos operations Eric Blake
2017-09-11 21:30 ` Greg Kurz
2017-09-12 0:01 ` John Snow
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 18/38] ahci-test: Drop dependence on global_qtest Eric Blake
2017-09-12 0:20 ` John Snow
2017-09-12 0:21 ` John Snow
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 19/38] ivshmem-test: " Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 20/38] postcopy-test: " Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 21/38] vhost-user-test: " Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 22/38] qmp-test: " Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 23/38] tests/boot-sector: " Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 24/38] tests/acpi-utils: " Eric Blake
2017-09-12 9:26 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 25/38] wdt_ib700-test: " Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 26/38] libqtest: Merge qtest_end() into qtest_quit() Eric Blake
2017-09-12 0:31 ` John Snow
2017-09-12 9:30 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 27/38] libqtest: Swap order of qtest_init() and qtest_start() Eric Blake
2017-09-12 9:57 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 28/38] libqtest: Add qtest_[v]startf() Eric Blake
2017-09-12 10:14 ` Thomas Huth
2017-09-12 13:32 ` Eric Blake
2017-09-13 7:19 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 29/38] libqtest: Merge qtest_init() into qtest_start() Eric Blake
2017-09-12 10:37 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 30/38] qtest: Avoid passing raw strings through hmp() Eric Blake
2017-09-11 17:42 ` Dr. David Alan Gilbert [this message]
2017-09-12 10:40 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 31/38] libqtest: Merge qtest_clock_*() with clock_*() Eric Blake
2017-09-12 10:45 ` Thomas Huth
2017-09-12 13:35 ` Eric Blake
2017-09-14 4:35 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 32/38] libqtest: Merge qtest_irq*() with irq*() Eric Blake
2017-09-12 10:47 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 33/38] libqtest: Merge qtest_{in, out}[bwl]() with {in, out}[bwl]() Eric Blake
2017-09-12 10:49 ` Thomas Huth
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 34/38] libqtest: Merge qtest_{read, write}[bwlq]() with {read, write}[bwlq]() Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 35/38] libqtest: Merge qtest_{mem, buf}{read, write}() with {mem, buf}{read, write}() Eric Blake
2017-09-11 21:35 ` Greg Kurz
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 36/38] libqtest: Merge qtest_memset() with qmemset() Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 37/38] libqtest: Separate qmp_discard_response() from command Eric Blake
2017-09-11 17:20 ` [Qemu-devel] [PATCH v7 38/38] libqtest: Merge qtest_hmp() with hmp() Eric Blake
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170911174200.GF2150@work-vm \
--to=dgilbert@redhat.com \
--cc=armbru@redhat.com \
--cc=eblake@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=thuth@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).