From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:38567) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1VrSBb-0001ns-9r for qemu-devel@nongnu.org; Fri, 13 Dec 2013 07:49:48 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1VrSBW-0008FE-EJ for qemu-devel@nongnu.org; Fri, 13 Dec 2013 07:49:43 -0500 Received: from mx1.redhat.com ([209.132.183.28]:3834) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1VrSBW-0008F5-4f for qemu-devel@nongnu.org; Fri, 13 Dec 2013 07:49:38 -0500 Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id rBDCnarQ015403 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Fri, 13 Dec 2013 07:49:37 -0500 Message-ID: <52AB025F.2050405@redhat.com> Date: Fri, 13 Dec 2013 05:49:35 -0700 From: Eric Blake MIME-Version: 1.0 References: <1386929555-3374-1-git-send-email-kraxel@redhat.com> <52AB00A3.7010901@redhat.com> In-Reply-To: <52AB00A3.7010901@redhat.com> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="OEtux0bx2VnVsH1R2jrjBKj04I01uOXwK" Subject: Re: [Qemu-devel] [PATCH v4] inet_listen_opts: add error checking List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Gerd Hoffmann , qemu-devel@nongnu.org This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --OEtux0bx2VnVsH1R2jrjBKj04I01uOXwK Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 12/13/2013 05:42 AM, Eric Blake wrote: > On 12/13/2013 03:12 AM, Gerd Hoffmann wrote: >> Don't use atoi() function which doesn't detect errors, switch to >> strtol and error out on failures. Also add a range check while >> being at it. >> >> [ v4: didn't commit buildfix. -ENOCOFFEE. sorry for the spam ] >> [ v3: oops, v2 didn't build ] >> [ v2: use parse_uint_full instead of strtol ] >=20 >=20 >> + if (port_offset) { >> + unsigned long long baseport; >> + if (parse_uint_full(port, &baseport, 10) < 0) { >> + error_setg(errp, "can't convert to a number: %s", port); >> + return -1; >> + } >> + if (baseport + port_offset > 65535) { >> + error_setg(errp, "port %s out of range", port); >=20 > error_setg() is still reporting on a bogus errno value at this point. My bad, now it's my turn for early-morning confusion. I was thinking of error_setg_errno, but you are using error_setg. That said, you STILL have a problem: > + if (baseport + port_offset > 65535) { If baseport is 0xfffffffffffffffe, and port_offset is 5000, then their sum is 4998 which is not > 65535, so you fall through: > + error_setg(errp, "port %s out of range", port); > + return -1; > + } > + snprintf(port, sizeof(port), "%d", (int)baseport + port_offset= ); and happily use a value that is less than port_offset at this point. I don't think you meant to do that. --=20 Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org --OEtux0bx2VnVsH1R2jrjBKj04I01uOXwK Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJSqwJfAAoJEKeha0olJ0NqzskH+gMoAzOxysxKue965mPJx7mD kKUYeEq3gFH/AXA0jPlia7Gl5OiRc2yNqkHsp409TsiDhjoOzM6wyTiQrDmQO/eA Um82z6gLCfNdIofaKQvAXo0Hza/vlqBgopYE9zTSM/uPJoQan1gQDuw2veN9RWYu fP1fRa/1DwVBHe+xaFIOht5S7/1Vt+j7gWC1XA1Uka081jE+aACEAFLSyBStLlM6 CcJXAVJwH5GvzFNCXPWxEIKyWf9KIGJzK2JtcKdzhSfxyvS6l6o0EUPmRZJmmUBV HA1JvWcTNePxhckLzq0C+9zRhVinraudGN0sDZ0dfLzVGXALbkfnfjJo10SvokA= =64fZ -----END PGP SIGNATURE----- --OEtux0bx2VnVsH1R2jrjBKj04I01uOXwK--