From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:40824) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WV7to-0001xw-Ip for qemu-devel@nongnu.org; Tue, 01 Apr 2014 19:15:27 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1WV7th-0005xs-LS for qemu-devel@nongnu.org; Tue, 01 Apr 2014 19:15:20 -0400 Received: from qmta07.emeryville.ca.mail.comcast.net ([76.96.30.64]:39576) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WV7th-0005xl-CO for qemu-devel@nongnu.org; Tue, 01 Apr 2014 19:15:13 -0400 Message-ID: <533B487E.6010800@redhat.com> Date: Tue, 01 Apr 2014 17:15:10 -0600 From: Eric Blake MIME-Version: 1.0 References: <20140401214954.GA2902@smaugslair> In-Reply-To: <20140401214954.GA2902@smaugslair> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="qgIUdMOb5E8pRKfKDiSHRnuVStdjxWcbO" Subject: Re: [Qemu-devel] [PATCH v2] Fix for qemu-img info to supply FORMAT values for SPARSE extents List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Shwetha Mathangi Chandra Choodamani , qemu-devel@nongnu.org Cc: kwolf@redhat.com, famz@redhat.com, stefanha@redhat.com This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --qgIUdMOb5E8pRKfKDiSHRnuVStdjxWcbO Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 04/01/2014 03:49 PM, Shwetha Mathangi Chandra Choodamani wrote: > This patch fixes the bug in qemu-img info that wouldn't populate the ex= tent type for default formats. > The extent type has now been set where necessary. This is the second ve= rsion in the series after inputs > from Fam Zheng(famz@redhat.com). >=20 > Signed-off-by: Shwetha Mathangi Chandra Choodamani > --- > block/vmdk.c | 53 +++++++++++++++++++++++++++++++++++++++++++++++++-= --- > 1 file changed, 49 insertions(+), 4 deletions(-) >=20 > + bdrv_pread(file, sizeof(magic), buf, size); > + sscanf(buf, "%10s %" SCNd64 " %10s \"%511[^\n\r\"]\" %" SCNd64, > + access, §ors, type, fname, &flat_offset); Odd indentation. Furthermore, sscanf() has undefined behavior if the input values overflow the width of the integer variable you are parsing into. While you are not the first client of sscanf in the code base, I strongly recommend that you use something that isn't vulnerable to undefined behavior on untrusted external input, or at the VERY least, check the sscanf() return value as well as put a %n parameter at the end of your format string to ensure that you parsed what you thought you did.= --=20 Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org --qgIUdMOb5E8pRKfKDiSHRnuVStdjxWcbO Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJTO0h+AAoJEKeha0olJ0NqwosIAJ/Rofgey3hyiiz0IpbmS6RA wc+I6xC4t+lMRq9w8W2Pw4jSnfyKk8bZfnHAAbx3cuetJKBdKewQcL6Biaf6QLdR Tl1QGPvpByWW7hg5vbjXKv5gyiK7kKZHVPvbKzfkH8xVsp3VJEz2teSNOHqc0U0D VMG5x4ug3fnCzVhWGwslYNOIo+DkeltihSfCP6NRl6g5PGOuk3I5d090+VGIdXCR THtaq2HmsKHnf4V+GJYtRqLd9BLEbQXoGyrsvMcJUE3AsY12lQIn5uaUTsgv32eF uQI4fblyMb2YB8L3YyvuwvRkED4dGmjf4pcOCq88laN3xZu9ZlNKpIDMoTm9qfI= =CqW/ -----END PGP SIGNATURE----- --qgIUdMOb5E8pRKfKDiSHRnuVStdjxWcbO--