From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Dehan Meng <demeng@redhat.com>
Cc: qemu-devel@nongnu.org, kkostiuk@redhat.com, michael.roth@amd.com,
peter.maydell@linaro.org
Subject: Re: [PATCH v2 1/4] sscanf return values are checked to ensure correct parsing.
Date: Mon, 14 Oct 2024 10:55:20 +0100 [thread overview]
Message-ID: <ZwzqiBlRvm9mw64h@redhat.com> (raw)
In-Reply-To: <20241011031937.92216-2-demeng@redhat.com>
On Fri, Oct 11, 2024 at 11:19:34AM +0800, Dehan Meng wrote:
> Signed-off-by: Dehan Meng <demeng@redhat.com>
> ---
> qga/commands-linux.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/qga/commands-linux.c b/qga/commands-linux.c
> index 51d5e3d927..2c2b5f4ff2 100644
> --- a/qga/commands-linux.c
> +++ b/qga/commands-linux.c
> @@ -2103,7 +2103,9 @@ static char *hexToIPAddress(const void *hexValue, int is_ipv6)
> int i;
>
> for (i = 0; i < 16; i++) {
> - sscanf(&hexStr[i * 2], "%02hhx", &in6.s6_addr[i]);
> + if (sscanf(&hex_str[i * 2], "%02hhx", &in6.s6_addr[i]) != 1) {
> + return NULL;
> + }
> }
> inet_ntop(AF_INET6, &in6, addr, INET6_ADDRSTRLEN);
None of the callers of this function are expecting it to return NULL.
eg this code:
networkroute->destination = hexToIPAddress(Destination, 1);
networkroute->metric = Metric;
networkroute->source = hexToIPAddress(Source, 1);
networkroute->desprefixlen = g_strdup_printf(
"%d", DesPrefixlen
);
networkroute->srcprefixlen = g_strdup_printf(
"%d", SrcPrefixlen
);
networkroute->nexthop = hexToIPAddress(NextHop, 1);
The QAPI schema allows 'source' and 'nexthop' to be optional so those
two are fnie.
The 'destination' field is marked as mandatory thoug, so must not
be NULL.
IOW, in the calls we need to check for NULL, and skip adding the
entire route object if 'destniation' is NULL.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2024-10-14 9:56 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-11 3:19 [PATCH v2 0/4] qemu-ga: Fix some potential issues find by coverity Dehan Meng
2024-10-11 3:19 ` [PATCH v2 1/4] sscanf return values are checked to ensure correct parsing Dehan Meng
2024-10-14 9:55 ` Daniel P. Berrangé [this message]
2024-10-11 3:19 ` [PATCH v2 2/4] Proper initialization of n to 0 for getline to function correctly Dehan Meng
2024-10-14 9:57 ` Daniel P. Berrangé
2024-10-11 3:19 ` [PATCH v2 3/4] Avoiding freeing line prematurely. It's now only freed at the end of the function Dehan Meng
2024-10-14 9:59 ` Daniel P. Berrangé
2024-10-11 3:19 ` [PATCH v2 4/4] For correcting code style: Variable declarations moved to the beginning of blocks Followed the coding style of using snake_case for variable names. And merged redundant route and networkroute variables Dehan Meng
2024-10-14 10:06 ` Daniel P. Berrangé
2024-10-11 16:12 ` [PATCH v2 0/4] qemu-ga: Fix some potential issues find by coverity Konstantin Kostiuk
-- strict thread matches above, loose matches on Subject: below --
2024-10-21 13:28 Dehan Meng
2024-10-21 13:28 ` [PATCH v2 1/4] sscanf return values are checked to ensure correct parsing Dehan Meng
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZwzqiBlRvm9mw64h@redhat.com \
--to=berrange@redhat.com \
--cc=demeng@redhat.com \
--cc=kkostiuk@redhat.com \
--cc=michael.roth@amd.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).