From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1JzDJX-0004Ec-0O
	for qemu-devel@nongnu.org; Thu, 22 May 2008 12:06:47 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1JzDJW-0004Cq-80
	for qemu-devel@nongnu.org; Thu, 22 May 2008 12:06:46 -0400
Received: from [199.232.76.173] (port=40725 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1JzDJW-0004Cd-2Z
	for qemu-devel@nongnu.org; Thu, 22 May 2008 12:06:46 -0400
Received: from fmmailgate02.web.de ([217.72.192.227]:46187)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <jan.kiszka@web.de>) id 1JzDJV-0001eZ-Nx
	for qemu-devel@nongnu.org; Thu, 22 May 2008 12:06:46 -0400
Received: from smtp05.web.de (fmsmtp05.dlan.cinetic.de [172.20.4.166])
	by fmmailgate02.web.de (Postfix) with ESMTP id CBC7FDDD50F9
	for <qemu-devel@nongnu.org>; Thu, 22 May 2008 18:06:44 +0200 (CEST)
Received: from [88.64.5.207] (helo=[192.168.1.198])
	by smtp05.web.de with asmtp (TLSv1:AES256-SHA:256)
	(WEB.DE 4.109 #226) id 1JzDJU-0006Jc-00
	for qemu-devel@nongnu.org; Thu, 22 May 2008 18:06:44 +0200
Message-ID: <48359A14.1090706@web.de>
Date: Thu, 22 May 2008 18:06:44 +0200
From: Jan Kiszka <jan.kiszka@web.de>
MIME-Version: 1.0
References: <483571E7.2@web.de> <483587DD.6050502@bellard.org>
	<48359204.80200@web.de>
In-Reply-To: <48359204.80200@web.de>
Content-Type: text/plain; charset=ISO-8859-15
Sender: jan.kiszka@web.de
Content-Transfer-Encoding: quoted-printable
Subject: [Qemu-devel] Re: [PATCH 1/2] Refactor und fix do_sendkey
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

Jan Kiszka wrote:
> Fabrice Bellard wrote:
>> Please avoid strncpy. Use pstrcpy intead.
>=20
> Ah, non-POSIX host platforms. Wouldn't it be easier to provide POSIX
> wrappers for those few OSes?
>=20
> However, fixed-up version follows:

That version was crap, pstrcpy is much more different. This should be
better now:

------------

Looking at the sendkey implementation, planning to enhance it with a
hold time argument, I found some potential out-of-bound access and not
very readable code. Here is a fix for the former and a (subjective)
improvement of the latter.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
---
 monitor.c |   51 ++++++++++++++++++++++++++++-----------------------
 1 file changed, 28 insertions(+), 23 deletions(-)

Index: b/monitor.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- a/monitor.c
+++ b/monitor.c
@@ -925,33 +925,38 @@ static int get_keycode(const char *key)
     return -1;
 }
=20
-static void do_send_key(const char *string)
+static void do_sendkey(const char *string)
 {
-    char keybuf[16], *q;
     uint8_t keycodes[16];
-    const char *p;
-    int nb_keycodes, keycode, i;
-
-    nb_keycodes =3D 0;
-    p =3D string;
-    while (*p !=3D '\0') {
-        q =3D keybuf;
-        while (*p !=3D '\0' && *p !=3D '-') {
-            if ((q - keybuf) < sizeof(keybuf) - 1) {
-                *q++ =3D *p;
+    int nb_keycodes =3D 0;
+    char keyname_buf[16];
+    char *separator;
+    int keyname_len, keycode, i;
+
+    while (1) {
+        separator =3D strchr(string, '-');
+        keyname_len =3D separator ? separator-string : strlen(string);
+        if (keyname_len > 0) {
+            pstrcpy(keyname_buf, sizeof(keyname_buf), string);
+            if (keyname_len > sizeof(keyname_buf) - 1) {
+                term_printf("invalid key: '%s...'\n", keyname_buf);
+                return;
             }
-            p++;
-        }
-        *q =3D '\0';
-        keycode =3D get_keycode(keybuf);
-        if (keycode < 0) {
-            term_printf("unknown key: '%s'\n", keybuf);
-            return;
+            if (nb_keycodes =3D=3D sizeof(keycodes)) {
+                term_printf("too many keys\n");
+                return;
+            }
+            keyname_buf[keyname_len] =3D 0;
+            keycode =3D get_keycode(keyname_buf);
+            if (keycode < 0) {
+                term_printf("unknown key: '%s'\n", keyname_buf);
+                return;
+            }
+            keycodes[nb_keycodes++] =3D keycode;
         }
-        keycodes[nb_keycodes++] =3D keycode;
-        if (*p =3D=3D '\0')
+        if (!separator)
             break;
-        p++;
+        string =3D separator + 1;
     }
     /* key down events */
     for(i =3D 0; i < nb_keycodes; i++) {
@@ -1353,7 +1358,7 @@ static term_cmd_t term_cmds[] =3D {
     { "i", "/ii.", do_ioport_read,
       "/fmt addr", "I/O port read" },
=20
-    { "sendkey", "s", do_send_key,
+    { "sendkey", "s", do_sendkey,
       "keys", "send keys to the VM (e.g. 'sendkey ctrl-alt-f1')" },
     { "system_reset", "", do_system_reset,
       "", "reset the system" },