From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: Kevin Wolf <kwolf@redhat.com>, Hanna Reitz <hreitz@redhat.com>,
qemu-devel@nongnu.org, qemu-block@nongnu.org
Subject: Re: [PATCH] block/curl.c: Check error return from curl_easy_setopt()
Date: Fri, 28 Jan 2022 17:50:18 +0000 [thread overview]
Message-ID: <YfQs2qIew5UR6MCk@redhat.com> (raw)
In-Reply-To: <20220128165535.2550899-1-peter.maydell@linaro.org>
On Fri, Jan 28, 2022 at 04:55:35PM +0000, Peter Maydell wrote:
> Coverity points out that we aren't checking the return value
> from curl_easy_setopt() for any of the calls to it we make
> in block/curl.c.
>
> Fixes: Coverity CID 1459336, 1459482, 1460331
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> ---
> Big fat disclaimer: tested only with 'make check', which I suspect
> may not be exercising this block backend. Hints on how to test
> more thoroughly are welcome.
yeah afaik, qemu-iotests don't have support for this. As a very
basic smoke test do
$ qemu-img info https://cloud.debian.org/images/cloud/buster/daily/latest/debian-10-nocloud-amd64-daily.qcow2
image: https://cloud.debian.org/images/cloud/buster/daily/latest/debian-10-nocloud-amd64-daily.qcow2
file format: qcow2
virtual size: 2 GiB (2147483648 bytes)
disk size: unavailable
cluster_size: 65536
Format specific information:
compat: 1.1
compression type: zlib
lazy refcounts: false
refcount bits: 16
corrupt: false
extended l2: false
and/or
$ qemu-img info --image-opts driver=qcow2,file.driver=https,file.url=https://cloud.debian.org/images/cloud/buster/daily/latest/debian-10-nocloud-amd64-daily.qcow2
image: https://cloud.debian.org/images/cloud/buster/daily/latest/debian-10-nocloud-amd64-daily.qcow2
file format: qcow2
virtual size: 2 GiB (2147483648 bytes)
disk size: unavailable
cluster_size: 65536
Format specific information:
compat: 1.1
compression type: zlib
lazy refcounts: false
refcount bits: 16
corrupt: false
extended l2: false
>
> block/curl.c | 90 +++++++++++++++++++++++++++++++++-------------------
> 1 file changed, 58 insertions(+), 32 deletions(-)
>
> diff --git a/block/curl.c b/block/curl.c
> index 6a6cd729758..aaee1b17bef 100644
> --- a/block/curl.c
> +++ b/block/curl.c
> @@ -458,38 +458,51 @@ static int curl_init_state(BDRVCURLState *s, CURLState *state)
> if (!state->curl) {
> return -EIO;
> }
> - curl_easy_setopt(state->curl, CURLOPT_URL, s->url);
> - curl_easy_setopt(state->curl, CURLOPT_SSL_VERIFYPEER,
> - (long) s->sslverify);
> - curl_easy_setopt(state->curl, CURLOPT_SSL_VERIFYHOST,
> - s->sslverify ? 2L : 0L);
> - if (s->cookie) {
> - curl_easy_setopt(state->curl, CURLOPT_COOKIE, s->cookie);
> + if (curl_easy_setopt(state->curl, CURLOPT_URL, s->url) ||
> + curl_easy_setopt(state->curl, CURLOPT_SSL_VERIFYPEER,
> + (long) s->sslverify) ||
> + curl_easy_setopt(state->curl, CURLOPT_SSL_VERIFYHOST,
> + s->sslverify ? 2L : 0L)) {
> + goto err;
> + }
> + if (s->cookie) {
> + if (curl_easy_setopt(state->curl, CURLOPT_COOKIE, s->cookie)) {
> + goto err;
> + }
> + }
> + if (curl_easy_setopt(state->curl, CURLOPT_TIMEOUT, (long)s->timeout) ||
> + curl_easy_setopt(state->curl, CURLOPT_WRITEFUNCTION,
> + (void *)curl_read_cb) ||
> + curl_easy_setopt(state->curl, CURLOPT_WRITEDATA, (void *)state) ||
> + curl_easy_setopt(state->curl, CURLOPT_PRIVATE, (void *)state) ||
> + curl_easy_setopt(state->curl, CURLOPT_AUTOREFERER, 1) ||
> + curl_easy_setopt(state->curl, CURLOPT_FOLLOWLOCATION, 1) ||
> + curl_easy_setopt(state->curl, CURLOPT_NOSIGNAL, 1) ||
> + curl_easy_setopt(state->curl, CURLOPT_ERRORBUFFER, state->errmsg) ||
> + curl_easy_setopt(state->curl, CURLOPT_FAILONERROR, 1)) {
> + goto err;
> }
> - curl_easy_setopt(state->curl, CURLOPT_TIMEOUT, (long)s->timeout);
> - curl_easy_setopt(state->curl, CURLOPT_WRITEFUNCTION,
> - (void *)curl_read_cb);
> - curl_easy_setopt(state->curl, CURLOPT_WRITEDATA, (void *)state);
> - curl_easy_setopt(state->curl, CURLOPT_PRIVATE, (void *)state);
> - curl_easy_setopt(state->curl, CURLOPT_AUTOREFERER, 1);
> - curl_easy_setopt(state->curl, CURLOPT_FOLLOWLOCATION, 1);
> - curl_easy_setopt(state->curl, CURLOPT_NOSIGNAL, 1);
> - curl_easy_setopt(state->curl, CURLOPT_ERRORBUFFER, state->errmsg);
> - curl_easy_setopt(state->curl, CURLOPT_FAILONERROR, 1);
> -
> if (s->username) {
> - curl_easy_setopt(state->curl, CURLOPT_USERNAME, s->username);
> + if (curl_easy_setopt(state->curl, CURLOPT_USERNAME, s->username)) {
> + goto err;
> + }
> }
> if (s->password) {
> - curl_easy_setopt(state->curl, CURLOPT_PASSWORD, s->password);
> + if (curl_easy_setopt(state->curl, CURLOPT_PASSWORD, s->password)) {
> + goto err;
> + }
> }
> if (s->proxyusername) {
> - curl_easy_setopt(state->curl,
> - CURLOPT_PROXYUSERNAME, s->proxyusername);
> + if (curl_easy_setopt(state->curl,
> + CURLOPT_PROXYUSERNAME, s->proxyusername)) {
> + goto err;
> + }
> }
> if (s->proxypassword) {
> - curl_easy_setopt(state->curl,
> - CURLOPT_PROXYPASSWORD, s->proxypassword);
> + if (curl_easy_setopt(state->curl,
> + CURLOPT_PROXYPASSWORD, s->proxypassword)) {
> + goto err;
> + }
> }
>
> /* Restrict supported protocols to avoid security issues in the more
> @@ -499,18 +512,27 @@ static int curl_init_state(BDRVCURLState *s, CURLState *state)
> * Restricting protocols is only supported from 7.19.4 upwards.
> */
> #if LIBCURL_VERSION_NUM >= 0x071304
> - curl_easy_setopt(state->curl, CURLOPT_PROTOCOLS, PROTOCOLS);
> - curl_easy_setopt(state->curl, CURLOPT_REDIR_PROTOCOLS, PROTOCOLS);
> + if (curl_easy_setopt(state->curl, CURLOPT_PROTOCOLS, PROTOCOLS) ||
> + curl_easy_setopt(state->curl, CURLOPT_REDIR_PROTOCOLS, PROTOCOLS)) {
> + goto err;
> + }
> #endif
>
> #ifdef DEBUG_VERBOSE
> - curl_easy_setopt(state->curl, CURLOPT_VERBOSE, 1);
> + if (curl_easy_setopt(state->curl, CURLOPT_VERBOSE, 1)) {
> + goto err;
> + }
> #endif
> }
>
> state->s = s;
>
> return 0;
> +
> +err:
> + curl_easy_cleanup(state->curl);
> + state->curl = NULL;
> + return -EIO;
> }
>
> /* Called with s->mutex held. */
> @@ -763,10 +785,11 @@ static int curl_open(BlockDriverState *bs, QDict *options, int flags,
> }
>
> s->accept_range = false;
> - curl_easy_setopt(state->curl, CURLOPT_NOBODY, 1);
> - curl_easy_setopt(state->curl, CURLOPT_HEADERFUNCTION,
> - curl_header_cb);
> - curl_easy_setopt(state->curl, CURLOPT_HEADERDATA, s);
> + if (curl_easy_setopt(state->curl, CURLOPT_NOBODY, 1) ||
> + curl_easy_setopt(state->curl, CURLOPT_HEADERFUNCTION, curl_header_cb) ||
> + curl_easy_setopt(state->curl, CURLOPT_HEADERDATA, s)) {
> + goto out;
> + }
> if (curl_easy_perform(state->curl))
> goto out;
> if (curl_easy_getinfo(state->curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD, &d)) {
> @@ -879,7 +902,10 @@ static void curl_setup_preadv(BlockDriverState *bs, CURLAIOCB *acb)
>
> snprintf(state->range, 127, "%" PRIu64 "-%" PRIu64, start, end);
> trace_curl_setup_preadv(acb->bytes, start, state->range);
> - curl_easy_setopt(state->curl, CURLOPT_RANGE, state->range);
> + if (curl_easy_setopt(state->curl, CURLOPT_RANGE, state->range)) {
> + curl_clean_state(state);
> + goto out;
> + }
>
> if (curl_multi_add_handle(s->multi, state->curl) != CURLM_OK) {
> state->acb[0] = NULL;
> --
> 2.25.1
>
>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2022-01-28 17:52 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-28 16:55 [PATCH] block/curl.c: Check error return from curl_easy_setopt() Peter Maydell
2022-01-28 17:50 ` Daniel P. Berrangé [this message]
2022-01-28 18:08 ` Peter Maydell
2022-02-01 11:25 ` Hanna Reitz
2022-02-21 19:45 ` Peter Maydell
2022-02-22 14:58 ` Hanna Reitz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YfQs2qIew5UR6MCk@redhat.com \
--to=berrange@redhat.com \
--cc=hreitz@redhat.com \
--cc=kwolf@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).