From: Markus Armbruster <armbru@redhat.com>
To: qemu-devel@nongnu.org
Cc: kraxel@redhat.com, dgilbert@redhat.com
Subject: [PATCH 1/9] ui: Check numeric part of expire_password argument @time properly
Date: Thu, 1 Dec 2022 07:13:03 +0100 [thread overview]
Message-ID: <20221201061311.3619052-2-armbru@redhat.com> (raw)
In-Reply-To: <20221201061311.3619052-1-armbru@redhat.com>
When argument @time isn't 'now' or 'never', we parse it as an integer,
optionally prefixed with '+'. If parsing fails, we silently assume
zero. Report an error and fail instead.
While there, use qemu_strtou64() instead of strtoull() so
checkpatch.pl won't complain.
Aside: encoding numbers in strings is bad QMP practice.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
---
monitor/qmp-cmds.c | 17 +++++++++++++++--
1 file changed, 15 insertions(+), 2 deletions(-)
diff --git a/monitor/qmp-cmds.c b/monitor/qmp-cmds.c
index 81c8fdadf8..054d7648b1 100644
--- a/monitor/qmp-cmds.c
+++ b/monitor/qmp-cmds.c
@@ -205,15 +205,28 @@ void qmp_expire_password(ExpirePasswordOptions *opts, Error **errp)
time_t when;
int rc;
const char *whenstr = opts->time;
+ const char *numstr = NULL;
+ uint64_t num;
if (strcmp(whenstr, "now") == 0) {
when = 0;
} else if (strcmp(whenstr, "never") == 0) {
when = TIME_MAX;
} else if (whenstr[0] == '+') {
- when = time(NULL) + strtoull(whenstr+1, NULL, 10);
+ when = time(NULL);
+ numstr = whenstr + 1;
} else {
- when = strtoull(whenstr, NULL, 10);
+ when = 0;
+ numstr = whenstr;
+ }
+
+ if (numstr) {
+ if (qemu_strtou64(numstr, NULL, 10, &num) < 0) {
+ error_setg(errp, "Parameter 'time' doesn't take value '%s'",
+ whenstr);
+ return;
+ }
+ when += num;
}
if (opts->protocol == DISPLAY_PROTOCOL_SPICE) {
--
2.37.3
next prev parent reply other threads:[~2022-12-01 6:15 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-01 6:13 [PATCH 0/9] ui: Move and clean up monitor command code Markus Armbruster
2022-12-01 6:13 ` Markus Armbruster [this message]
2022-12-01 8:13 ` [PATCH 1/9] ui: Check numeric part of expire_password argument @time properly Daniel P. Berrangé
2022-12-01 6:13 ` [PATCH 2/9] ui: Fix silent truncation of numeric keys in HMP sendkey Markus Armbruster
2022-12-01 8:14 ` Daniel P. Berrangé
2022-12-01 6:13 ` [PATCH 3/9] ui: Drop disabled code for SPICE_CHANNEL_WEBDAV Markus Armbruster
2022-12-01 8:49 ` Daniel P. Berrangé
2022-12-01 10:25 ` Markus Armbruster
2022-12-01 12:39 ` Markus Armbruster
2022-12-01 14:34 ` Daniel P. Berrangé
2022-12-01 15:49 ` Markus Armbruster
2022-12-01 18:34 ` Daniel P. Berrangé
2022-12-02 6:52 ` Markus Armbruster
2022-12-01 6:13 ` [PATCH 4/9] ui: Clean up a few things checkpatch.pl would flag later on Markus Armbruster
2022-12-01 8:50 ` Daniel P. Berrangé
2022-12-01 6:13 ` [PATCH 5/9] ui: Move QMP commands from monitor to new ui/ui-qmp-cmds.c Markus Armbruster
2022-12-01 6:38 ` Markus Armbruster
2022-12-11 16:48 ` Markus Armbruster
2022-12-01 8:51 ` Daniel P. Berrangé
2022-12-01 6:13 ` [PATCH 6/9] ui: Move HMP commands from monitor to new ui/ui-hmp-cmds.c Markus Armbruster
2022-12-01 7:14 ` Philippe Mathieu-Daudé
2022-12-01 10:26 ` Markus Armbruster
2022-12-01 8:53 ` Daniel P. Berrangé
2022-12-01 6:13 ` [PATCH 7/9] ui: Improve "change vnc" error reporting Markus Armbruster
2022-12-01 8:56 ` Daniel P. Berrangé
2022-12-01 10:27 ` Markus Armbruster
2022-12-01 6:13 ` [PATCH 8/9] ui: Factor out hmp_change_vnc(), and move to ui/ui-hmp-cmds.c Markus Armbruster
2022-12-01 8:57 ` Daniel P. Berrangé
2022-12-01 6:13 ` [PATCH 9/9] ui: Reduce nesting in hmp_change_vnc() slightly Markus Armbruster
2022-12-01 7:19 ` Philippe Mathieu-Daudé
2022-12-01 8:58 ` Daniel P. Berrangé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221201061311.3619052-2-armbru@redhat.com \
--to=armbru@redhat.com \
--cc=dgilbert@redhat.com \
--cc=kraxel@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).