Message-ID: <554CC1F9.2040505@redhat.com>
Date: Fri, 08 May 2015 16:02:33 +0200
From: Max Reitz
Subject: Re: [Qemu-devel] [PATCH RFC v8 5/7] qemu-iotests: s390x: fix test 049
To: Bo Tu, qemu-devel@nongnu.org
Cc: kwolf@redhat.com, armbru@redhat.com, mimu@linux.vnet.ibm.com
In-Reply-To: <1430985143-32543-6-git-send-email-tubo@linux.vnet.ibm.com>
References: <1430985143-32543-1-git-send-email-tubo@linux.vnet.ibm.com> <1430985143-32543-6-git-send-email-tubo@linux.vnet.ibm.com>

On 07.05.2015 09:52, Bo Tu wrote:
> When creating an image, qemu-img enables us to specify the size of the
> image using the -o size=xx option. But when we specify an invalid size
> such as a negative size, different platforms give different results.
>
> The parse_option_size() function in util/qemu-option.c will be called to
> parse the size; a cast is performed in the function to convert the input
> size (saved as a double in the function) to an unsigned int64 value.
> When the input is a negative value or exceeds the maximum of uint64, the
> result is undefined.
>
> Language spec 6.3.1.4 Real floating and integers:
> the result of this assignment/cast is undefined if the float is not
> in the open interval (-1, U<type>_MAX+1).
>
> Signed-off-by: Bo Tu <tubo@linux.vnet.ibm.com>
> ---
>  tests/qemu-iotests/049.out | 10 ++++------
>  util/qemu-option.c         |  4 ++++
>  2 files changed, 8 insertions(+), 6 deletions(-)
>
> diff --git a/tests/qemu-iotests/049.out b/tests/qemu-iotests/049.out
> index 9f93666..b8790f9 100644
> --- a/tests/qemu-iotests/049.out
> +++ b/tests/qemu-iotests/049.out
> @@ -95,17 +95,15 @@ qemu-img create -f qcow2 TEST_DIR/t.qcow2 -- -1024
>  qemu-img: Image size must be less than 8 EiB!
>
>  qemu-img create -f qcow2 -o size=-1024 TEST_DIR/t.qcow2
> -qemu-img: qcow2 doesn't support shrinking images yet
> -qemu-img: TEST_DIR/t.qcow2: Could not resize image: Operation not supported
> -Formatting 'TEST_DIR/t.qcow2', fmt=qcow2 size=-1024 encryption=off cluster_size=65536 lazy_refcounts=off refcount_bits=16
> +qemu-img: Parameter 'size' expects a non-negative number below 2^64
> +qemu-img: TEST_DIR/t.qcow2: Invalid options for file format 'qcow2'
>
>  qemu-img create -f qcow2 TEST_DIR/t.qcow2 -- -1k
>  qemu-img: Image size must be less than 8 EiB!
>
>  qemu-img create -f qcow2 -o size=-1k TEST_DIR/t.qcow2
> -qemu-img: qcow2 doesn't support shrinking images yet
> -qemu-img: TEST_DIR/t.qcow2: Could not resize image: Operation not supported
> -Formatting 'TEST_DIR/t.qcow2', fmt=qcow2 size=-1024 encryption=off cluster_size=65536 lazy_refcounts=off refcount_bits=16
> +qemu-img: Parameter 'size' expects a non-negative number below 2^64
> +qemu-img: TEST_DIR/t.qcow2: Invalid options for file format 'qcow2'
>
>  qemu-img create -f qcow2 TEST_DIR/t.qcow2 -- 1kilobyte
>  qemu-img: Invalid image size specified! You may use k, M, G, T, P or E suffixes for
> diff --git a/util/qemu-option.c b/util/qemu-option.c
> index fda4e5f..6e75698 100644
> --- a/util/qemu-option.c
> +++ b/util/qemu-option.c
> @@ -179,6 +179,10 @@ void parse_option_size(const char *name, const char *value,
>
>      if (value != NULL) {
>          sizef = strtod(value, &postfix);
> +        if (sizef < 0 || sizef > UINT64_MAX) {
> +            error_set(errp, QERR_INVALID_PARAMETER_VALUE, name, "a non-negative number below 2^64");

scripts/checkpatch.pl:

WARNING: line over 80 characters
#106: FILE: util/qemu-option.c:183:
+            error_set(errp, QERR_INVALID_PARAMETER_VALUE, name, "a non-negative number below 2^64");

Other than that, looks good.

Max

> +            return;
> +        }
>          switch (*postfix) {
>          case 'T':
>              sizef *= 1024;
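Review bot: In the 049.out hunk the two ways of passing the same negative size now produce different diagnostics that imply different bounds: `qemu-img create ... -- -1024` still reports "Image size must be less than 8 EiB!", while `-o size=-1024` reports "Parameter 'size' expects a non-negative number below 2^64". Since 8 EiB is 2^63, the option path advertises a limit twice as large as the one the positional path enforces, so a size between 2^63 and 2^64 is accepted by the option parser and left for a later layer to reject. Either check the same bound with the same wording in both paths, or say in the commit message why the two differ.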
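Review bot: In the util/qemu-option.c hunk the new range check runs on the raw strtod() result, before the `switch (*postfix)` that multiplies by the unit (`case 'T': sizef *= 1024;` and the fall-through cases under it), so it guards the wrong value: for `size=16777216T` sizef is 2^24 at the check, passes, and is scaled to exactly 2^64 before the conversion to uint64 that the commit message says is undefined. Move the check to just before that conversion. Two more inputs slip through the condition as written: UINT64_MAX converted to double rounds up to exactly 2^64, so `sizef > UINT64_MAX` accepts 2^64 itself although the message promises "below 2^64"; and strtod() accepts "nan" and "inf", and NaN compares false in both `sizef < 0` and `sizef > UINT64_MAX`, so `size=nan` reaches the cast. Writing the test positively, `if (!(sizef >= 0 && sizef < 0x1p64))`, rejects all three (0x1p64 is exactly 2^64). The checkpatch warning on the error_set() line goes away by breaking the string argument onto its own line.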
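The parser below is an added, stand-alone illustration written for this page; it is not QEMU's code and not the patch. It keeps the strtod()-plus-suffix structure of parse_option_size() but applies the range check after scaling, in a positive form that also rejects NaN, infinity and exactly 2^64, and it puts the patch's own condition next to it so the difference can be exercised on the same inputs. The names parse_size_u64, size_status and patch_check_rejects, and the inputs in main(), are assumptions made here, not identifiers from the project.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Result codes for the hardened parser (names assumed for this example). */
enum size_status {
    SIZE_OK = 0,
    SIZE_EMPTY,         /* nothing numeric to parse */
    SIZE_BAD_SUFFIX,    /* unknown unit letter or trailing junk */
    SIZE_OUT_OF_RANGE   /* negative, NaN, infinite, or >= 2^64 after scaling */
};

/*
 * The exact condition the patch inserts, applied where the patch applies it:
 * to the unscaled strtod() result, before any unit suffix is honoured.
 * Returns true when that check would reject the input.
 */
bool patch_check_rejects(const char *value)
{
    char *postfix;
    double sizef = strtod(value, &postfix);
    return sizef < 0 || sizef > UINT64_MAX;
}

/*
 * Hardened parser for "<number>[k|K|M|G|T|b]": same strtod() + suffix switch
 * shape as parse_option_size(), but the range test is done on the scaled
 * value, immediately before the conversion, and is written so that NaN
 * (which compares false against everything) cannot pass.
 */
enum size_status parse_size_u64(const char *value, uint64_t *out)
{
    char *postfix;
    double sizef;

    if (value == NULL || *value == '\0') {
        return SIZE_EMPTY;
    }
    sizef = strtod(value, &postfix);
    if (postfix == value) {            /* strtod() consumed no characters */
        return SIZE_EMPTY;
    }
    switch (*postfix) {
    case 'T':
        sizef *= 1024;
        /* fall through */
    case 'G':
        sizef *= 1024;
        /* fall through */
    case 'M':
        sizef *= 1024;
        /* fall through */
    case 'K':
    case 'k':
        sizef *= 1024;
        /* fall through */
    case 'b':
    case '\0':
        break;
    default:
        return SIZE_BAD_SUFFIX;
    }
    if (*postfix != '\0' && postfix[1] != '\0') {   /* e.g. "1kfoo" */
        return SIZE_BAD_SUFFIX;
    }
    /*
     * C11 6.3.1.4: double -> uint64_t is only defined when the truncated
     * value lies in (-1, 2^64). 0x1p64 is exactly 2^64 as a double, while
     * (double)UINT64_MAX rounds to that same value, so "sizef > UINT64_MAX"
     * would let 2^64 through. Requiring sizef >= 0 also refuses -0.5 etc.
     */
    if (!(sizef >= 0.0 && sizef < 0x1p64)) {
        return SIZE_OUT_OF_RANGE;
    }
    *out = (uint64_t)sizef;
    return SIZE_OK;
}

/* Constructed inputs: the cases from the patch plus the ones it misses. */
int main(void)
{
    static const char *const inputs[] = {
        "1024", "-1024", "-1k", "1.5M", "16777215T", "16777216T",
        "18446744073709551616", "nan", "inf", "1kfoo", "",
    };
    size_t i;

    for (i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        uint64_t v = 0;
        enum size_status st = parse_size_u64(inputs[i], &v);
        printf("%-22s patch check rejects: %-3s  hardened: %s",
               inputs[i], patch_check_rejects(inputs[i]) ? "yes" : "no",
               st == SIZE_OK ? "ok" : "rejected");
        if (st == SIZE_OK) {
            printf(" (%llu)", (unsigned long long)v);
        }
        putchar('\n');
    }
    return 0;
}
```

The positive form of the range test (`value >= low && value < high`, negated as a whole) is the one to reach for whenever a floating-point value is converted to an integer type: a pair of negated comparisons joined with `||` silently admits NaN, and an inclusive upper bound expressed through an integer constant is rounded by the conversion to double before the comparison ever runs.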