From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:37565) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZqqZr-0001Ri-3c for qemu-devel@nongnu.org; Mon, 26 Oct 2015 18:49:20 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZqqZq-00076O-7J for qemu-devel@nongnu.org; Mon, 26 Oct 2015 18:49:19 -0400 References: <1445897165-4842-1-git-send-email-jsnow@redhat.com> <1445897165-4842-3-git-send-email-jsnow@redhat.com> <562EACCF.4060704@redhat.com> From: Eric Blake Message-ID: <562EADE7.5070102@redhat.com> Date: Mon, 26 Oct 2015 16:49:11 -0600 MIME-Version: 1.0 In-Reply-To: <562EACCF.4060704@redhat.com> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="mjJa7FBt9m8lgKCcmPGwxWrQ7bedXeWHV" Subject: Re: [Qemu-devel] [Qemu-block] [PATCH 2/3] qemu-io: Check for trailing chars List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: John Snow , qemu-block@nongnu.org Cc: kwolf@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --mjJa7FBt9m8lgKCcmPGwxWrQ7bedXeWHV Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 10/26/2015 04:44 PM, Eric Blake wrote: > On 10/26/2015 04:06 PM, John Snow wrote: >> Make sure there's not trailing garbage, e.g. >> "64k-whatever-i-want-here" >> >> Reported-by: Max Reitz >> Signed-off-by: John Snow >> --- >> qemu-io-cmds.c | 9 ++++++++- >> 1 file changed, 8 insertions(+), 1 deletion(-) >> + ret =3D qemu_strtosz_suffix(s, &end, QEMU_STRTOSZ_DEFSUFFIX_B); >> + if (*end !=3D '\0') { >> + /* Detritus at the end of the string */ >> + return -EINVAL; >> + } >> + return ret; >> } >=20 > Eww. This mixes up two return types, negative errno, and negative > input. User input of -22 shouldn't behave differently than -21, just > because it happens to match -EINVAL. >=20 > Do we ever want to allow a negative return from cvtnum(), or should we > just blindly map a negative int64_t into -ERANGE for a contract that we= > only accept 63-bit numbers? Uggh. Maybe I should read qemu_strtosz_suffix() before making bogus claims (and assuming that it is merely sugar for strtoll). I stand corrected - the only time you return negative values is if qemu_strtosz_suffx() populated an errno. Reviewed-by: Eric Blake --=20 Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org --mjJa7FBt9m8lgKCcmPGwxWrQ7bedXeWHV Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJWLq3nAAoJEKeha0olJ0NqEXAH+QGE6GRqRbCXQCrXt8VxhipZ DJ4yQNkThDv6QqsBZ5b2HMj1g94L8Decd11Yf2NkpFq3PpzAm9AMQGcRXVI46KmW G/JkME804DMAU3QH0c24o4HiphIf1mO9MftuRgCCmT80JngSAOB9VTMbmpl3ScDP IhCk0w6Xgjcsyt7acWBZVB1BSSWggqSOP/2nCigabr4BtqJNgKCavKXi6omLLY3t SZZY3blDSoaJTXlnCmODwt6xvr5JBhumsGcR/5e40YLBgoslsx7qYsrwXLEhXsmZ ak0fBlyIJa9IyMoRy5JGWrAZo5tl/ve1m0teLpCD7uaLNRQ4+ZjIdJEopwexRoM= =J3Qq -----END PGP SIGNATURE----- --mjJa7FBt9m8lgKCcmPGwxWrQ7bedXeWHV--