qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 2/2] pci: rewrite devaddr parsing

From: Eric Blake
Subject: Re: [Qemu-devel] [PATCH 2/2] pci: rewrite devaddr parsing
Date: Thu, 16 Feb 2012 13:39:02 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0) Gecko/20120131 Thunderbird/10.0 
On 02/16/2012 12:23 PM, malc wrote:
> On Thu, 16 Feb 2012, Michael S. Tsirkin wrote:
> 
>> Use scanf instead of manual string scanning.
>>
>> +
>> +    /* Parse [[<domain>:]<bus>:]<slot> */
>> +    sscanf(addr, "%x:%x:%x%n", &dom, &bus, &slot, &n);
> 
> sscanf can fail.

Worse, the *scanf family has undefined behavior on integer overflow.  If
addr contains "100000000000000:0:0", there's no telling whether it will
be diagnosed as a parse error, or silently accepted and truncated, in
which case, there's no telling what dom will contain.

I cringe any time I see someone using scanf to parse numbers from
arbitrary user input; I barely tolerate it for parsing things generated
by the kernel, but even there, I won't ever use scanf myself.  Same goes
for atoi.  _Only_ strtol and friends can robustly parse arbitrary input
into integers.

-- 
Eric Blake   address@hidden    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]