From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([140.186.70.92]:48551)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <stefanha@gmail.com>) id 1Qb3qe-00088i-CR
	for qemu-devel@nongnu.org; Mon, 27 Jun 2011 00:55:01 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <stefanha@gmail.com>) id 1Qb3qd-0001c3-31
	for qemu-devel@nongnu.org; Mon, 27 Jun 2011 00:55:00 -0400
Received: from mail-gw0-f45.google.com ([74.125.83.45]:35653)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <stefanha@gmail.com>) id 1Qb3qc-0001bd-Mr
	for qemu-devel@nongnu.org; Mon, 27 Jun 2011 00:54:58 -0400
Received: by gwb19 with SMTP id 19so2214467gwb.4
	for <qemu-devel@nongnu.org>; Sun, 26 Jun 2011 21:54:57 -0700 (PDT)
MIME-Version: 1.0
In-Reply-To: <1309146518-8998-10-git-send-email-famcool@gmail.com>
References: <1309146518-8998-1-git-send-email-famcool@gmail.com>
	<1309146518-8998-10-git-send-email-famcool@gmail.com>
Date: Mon, 27 Jun 2011 05:54:57 +0100
Message-ID: <BANLkTimuRbdyzUxWEGdze46YaBgGLcP5jA@mail.gmail.com>
From: Stefan Hajnoczi <stefanha@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] [PATCH v3 09/12] VMDK: open/read/write for
	monolithicFlat image
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Fam Zheng <famcool@gmail.com>
Cc: kwolf@redhat.com, qemu-devel@nongnu.org, hch@lst.de

On Mon, Jun 27, 2011 at 4:48 AM, Fam Zheng <famcool@gmail.com> wrote:
> Parse vmdk decriptor file and open mono flat image.
> @@ -598,6 +600,154 @@ static int vmdk_open_vmdk4(BlockDriverState *bs, in=
t flags)
> =A0 =A0 return ret;
> =A0}
>
> +/* find an option value out of descriptor file */
> +static int vmdk_parse_description(const char *desc, const char *opt_name=
,
> + =A0 =A0 =A0 =A0char *buf, int buf_size)
> +{
> + =A0 =A0char *opt_pos =3D strstr(desc, opt_name);
> + =A0 =A0int r;
> + =A0 =A0const char *end =3D desc + strlen(desc);
> +
> + =A0 =A0if (!opt_pos) {
> + =A0 =A0 =A0 =A0return -1;
> + =A0 =A0}
> + =A0 =A0opt_pos +=3D strlen(opt_name) + 2;
> + =A0 =A0if (opt_pos >=3D end) {
> + =A0 =A0 =A0 =A0return -1;
> + =A0 =A0}
> + =A0 =A0r =3D sscanf(opt_pos, "%[^\"]s", buf);
> + =A0 =A0return r <=3D 0;
> +}

This is still unsafe.  Please see my comments on the previous version
of this patch.

> +static int vmdk_open_desc_file(BlockDriverState *bs, int flags)
> +{
> + =A0 =A0int ret;
> + =A0 =A0char buf[2048];
> + =A0 =A0char ct[128];
> + =A0 =A0BDRVVmdkState *s =3D bs->opaque;
> +
> + =A0 =A0ret =3D bdrv_pread(bs->file, 0, buf, sizeof(buf));
> + =A0 =A0ret =3D bdrv_pread(bs->file, 0, buf, sizeof(buf));

Merge error?  Only need to bdrv_pread() once :).

Stefan