From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:33878) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZqqVL-0002yP-GJ for qemu-devel@nongnu.org; Mon, 26 Oct 2015 18:44:40 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZqqVK-00049J-D4 for qemu-devel@nongnu.org; Mon, 26 Oct 2015 18:44:39 -0400 References: <1445897165-4842-1-git-send-email-jsnow@redhat.com> <1445897165-4842-3-git-send-email-jsnow@redhat.com> From: Eric Blake Message-ID: <562EACCF.4060704@redhat.com> Date: Mon, 26 Oct 2015 16:44:31 -0600 MIME-Version: 1.0 In-Reply-To: <1445897165-4842-3-git-send-email-jsnow@redhat.com> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="rs8kWro8JJ6vGrN3jeHlHhpEUJ63rgfHV" Subject: Re: [Qemu-devel] [PATCH 2/3] qemu-io: Check for trailing chars List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: John Snow , qemu-block@nongnu.org Cc: kwolf@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --rs8kWro8JJ6vGrN3jeHlHhpEUJ63rgfHV Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 10/26/2015 04:06 PM, John Snow wrote: > Make sure there's not trailing garbage, e.g. > "64k-whatever-i-want-here" >=20 > Reported-by: Max Reitz > Signed-off-by: John Snow > --- > qemu-io-cmds.c | 9 ++++++++- > 1 file changed, 8 insertions(+), 1 deletion(-) >=20 > diff --git a/qemu-io-cmds.c b/qemu-io-cmds.c > index 07c5681..e2477fc 100644 > --- a/qemu-io-cmds.c > +++ b/qemu-io-cmds.c > @@ -136,7 +136,14 @@ static char **breakline(char *input, int *count) > static int64_t cvtnum(const char *s) > { > char *end; > - return qemu_strtosz_suffix(s, &end, QEMU_STRTOSZ_DEFSUFFIX_B); > + int64_t ret; > + > + ret =3D qemu_strtosz_suffix(s, &end, QEMU_STRTOSZ_DEFSUFFIX_B); > + if (*end !=3D '\0') { > + /* Detritus at the end of the string */ > + return -EINVAL; > + } > + return ret; > } Eww. This mixes up two return types, negative errno, and negative input. User input of -22 shouldn't behave differently than -21, just because it happens to match -EINVAL. Do we ever want to allow a negative return from cvtnum(), or should we just blindly map a negative int64_t into -ERANGE for a contract that we only accept 63-bit numbers? --=20 Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org --rs8kWro8JJ6vGrN3jeHlHhpEUJ63rgfHV Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJWLqzPAAoJEKeha0olJ0NqN58H/j4HjjQM8EFPbTVdJKCWa4zF pgJ4cT9GnAOz0MpFsVEXa8cHp1P5Ta6w3qYMbdrF0hPK8fcNJ/8aGNoApune5Dp2 Civn+pNyKkspsS7unC40/aM51a6m7eZ3tOyBdYyGuAcKbrVHd/7NvpHNVUKoRYtv GgLaGgrl2nHTBkz0B+JXZBCn7f4z0B1QvSkL/Ueq/2KwBHTykGJRO2IVB2L8Jn6C HYojfhhArfftkYPcZPynRejTasvwOz7iaOMVOaeaVDOA4c5MTdYyWXNKoOEasGLr wArUlF4/QLOa/jmJPBu98KWcb9L/8RRk6Q4uyymcRdXvdiUpa8YIdkdHDRRru0M= =iFM+ -----END PGP SIGNATURE----- --rs8kWro8JJ6vGrN3jeHlHhpEUJ63rgfHV--