From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:43681)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <afaerber@suse.de>) id 1VlbWZ-0007jC-U1
	for qemu-devel@nongnu.org; Wed, 27 Nov 2013 04:35:16 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <afaerber@suse.de>) id 1VlbWV-0004Ec-9I
	for qemu-devel@nongnu.org; Wed, 27 Nov 2013 04:35:11 -0500
Received: from cantor2.suse.de ([195.135.220.15]:36480 helo=mx2.suse.de)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <afaerber@suse.de>) id 1VlbWV-0004ES-0E
	for qemu-devel@nongnu.org; Wed, 27 Nov 2013 04:35:07 -0500
Message-ID: <5295BCC5.4010500@suse.de>
Date: Wed, 27 Nov 2013 10:35:01 +0100
From: =?ISO-8859-15?Q?Andreas_F=E4rber?= <afaerber@suse.de>
MIME-Version: 1.0
References: <1385538775-4208-1-git-send-email-hare@suse.de>
In-Reply-To: <1385538775-4208-1-git-send-email-hare@suse.de>
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] [PATCHv2] qdev: Validate hex properties
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Hannes Reinecke <hare@suse.de>
Cc: Peter Maydell <peter.maydell@linaro.org>, qemu-devel@nongnu.org, Alexander Graf <agraf@suse.de>

Am 27.11.2013 08:52, schrieb Hannes Reinecke:
> strtoul(l) might overflow, in which case it'll return '-1' and set
> the appropriate error code. So update the calls to strtoul(l) when
> parsing hex properties to avoid silent overflows.
>=20
> Cc: Peter Maydell <peter.maydell@linaro.org>
> Cc: Eric Blake <eblake@redhat.com>
> Signed-off-by: Hannes Reinecke <hare@suse.de>
> ---
>  hw/core/qdev-properties.c | 9 +++++++++
>  1 file changed, 9 insertions(+)
>=20
> diff --git a/hw/core/qdev-properties.c b/hw/core/qdev-properties.c
> index dc8ae69..5a94c04 100644
> --- a/hw/core/qdev-properties.c
> +++ b/hw/core/qdev-properties.c
> @@ -198,7 +198,10 @@ static int parse_hex8(DeviceState *dev, Property *=
prop, const char *str)
>          return -EINVAL;
>      }
> =20
> +    errno =3D 0;
>      *ptr =3D strtoul(str, &end, 16);
> +    if (errno)
> +        return -errno;
>      if ((*end !=3D '\0') || (end =3D=3D str)) {
>          return -EINVAL;
>      }

Thanks, this seems to match the requested logic. But please run
checkpatch.pl and add the missing braces. I'll queue it then.

Please add Cc: qemu-stable@nongnu.org to the commit message while at it
since this seems a bug fix that spans multiple releases.

Regards,
Andreas

> @@ -329,7 +332,10 @@ static int parse_hex32(DeviceState *dev, Property =
*prop, const char *str)
>          return -EINVAL;
>      }
> =20
> +    errno =3D 0;
>      *ptr =3D strtoul(str, &end, 16);
> +    if (errno)
> +        return -errno;
>      if ((*end !=3D '\0') || (end =3D=3D str)) {
>          return -EINVAL;
>      }
> @@ -396,7 +402,10 @@ static int parse_hex64(DeviceState *dev, Property =
*prop, const char *str)
>          return -EINVAL;
>      }
> =20
> +    errno =3D 0;
>      *ptr =3D strtoull(str, &end, 16);
> +    if (errno)
> +        return -errno;
>      if ((*end !=3D '\0') || (end =3D=3D str)) {
>          return -EINVAL;
>      }
>=20


--=20
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 N=FCrnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imend=F6rffer; HRB 16746 AG N=FCrnbe=
rg