Re: [Qemu-devel] [PATCH] Improve error handling in do_snapshot_blkdev()
From: Jes Sorensen
Subject: Re: [Qemu-devel] [PATCH] Improve error handling in do_snapshot_blkdev()
Date: Thu, 03 Mar 2011 14:10:28 +0100
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.13) Gecko/20101209 Fedora/3.1.7-0.35.b3pre.fc14 Thunderbird/3.1.7
On 03/03/11 14:06, Stefan Hajnoczi wrote:
> On Thu, Mar 3, 2011 at 10:44 AM, <address@hidden> wrote:
>> + char old_filename[1024];
>> +
>> + old_filename[1023] = '\0';
>>
>> if (!filename) {
>> qerror_report(QERR_MISSING_PARAMETER, "snapshot_file");
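Review bot: `old_filename[1023] = '\0';` sits directly after the declaration, before anything has been copied into the buffer, so it only helps if no later write touches index 1023, and it repeats the array size as a literal. Write it as `old_filename[sizeof(old_filename) - 1] = '\0';` and place it after the buffer has been filled, which also keeps the index correct if the declared size of 1024 ever changes.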
>> @@ -591,6 +594,10 @@ int do_snapshot_blkdev(Monitor *mon, const QDict
>> *qdict, QObject **ret_data)
>> goto out;
>> }
>>
>> + strncpy(old_filename, bs->filename, 1024);
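Review bot: the count passed to `strncpy()` on this line is the full 1024 bytes of `old_filename`, so the copy itself can write index 1023 and replace the terminator stored earlier in the function. Limiting the count to `sizeof(old_filename) - 1` keeps the last byte out of the copy's reach; the hunk also does not show whether a silently truncated name is acceptable to the code that later reads `old_filename`, which deserves a comment.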
>
> strncpy does not NUL-terminate if you reach the maximum length. The
> source buffer is 1024 chars so we should be fine unless there is a bug
> somewhere else too, but please move the old_filename[1023] = '\0'
> after the strncpy and use sizeof(old_filename) as the maximum instead
> of 1024.
Good point, I was trying to catch it but got it backwards :(
Cheers,
Jes
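
The ordering issue raised in this thread, as an added example that is not part of the original messages or of QEMU. `BUF_SIZE` and the helper names are hypothetical, and an 8-byte buffer stands in for the 1024-byte one so the full-length case is easy to see.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 8 /* hypothetical stand-in for the 1024-byte buffer */

/* Returns 1 if a NUL exists within the first size bytes of buf, else 0.
 * memchr stays inside the buffer, so the check itself never over-reads. */
static int is_terminated(const char *buf, size_t size)
{
    return memchr(buf, '\0', size) != NULL;
}

/* Ordering from the patch: store the terminator, then copy size bytes. */
static int copy_terminate_first(char *dst, size_t size, const char *src)
{
    dst[size - 1] = '\0';
    strncpy(dst, src, size); /* a source of size or more chars overwrites it */
    return is_terminated(dst, size);
}

/* Ordering requested in the review: copy, then store the terminator. */
static int copy_terminate_last(char *dst, size_t size, const char *src)
{
    strncpy(dst, src, size);
    dst[size - 1] = '\0'; /* always the last write, truncating if needed */
    return is_terminated(dst, size);
}

int main(void)
{
    /* Constructed input: exactly BUF_SIZE characters before its NUL. */
    const char *full = "12345678";
    char a[BUF_SIZE], b[BUF_SIZE];

    printf("terminate first: terminated=%d\n",
           copy_terminate_first(a, sizeof(a), full));
    printf("terminate last:  terminated=%d\n",
           copy_terminate_last(b, sizeof(b), full));
    printf("terminate last result: \"%s\"\n", b);
    return 0;
}
```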