[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH 09/24] QemuOpts: Fix to reject numbers that overflow
From: |
Markus Armbruster |
Subject: |
[Qemu-devel] [PATCH 09/24] QemuOpts: Fix to reject numbers that overflow uint64_t |
Date: |
Tue, 14 Feb 2017 11:25:56 +0100 |
parse_option_number() fails to check for overflow after strtoull().
Has always been broken. Fix that.
Signed-off-by: Markus Armbruster <address@hidden>
---
tests/test-qemu-opts.c | 14 ++++++--------
util/qemu-option.c | 11 ++++++++---
2 files changed, 14 insertions(+), 11 deletions(-)
diff --git a/tests/test-qemu-opts.c b/tests/test-qemu-opts.c
index f4426bb..6a9d3c5 100644
--- a/tests/test-qemu-opts.c
+++ b/tests/test-qemu-opts.c
@@ -585,17 +585,15 @@ static void test_opts_parse_number(void)
/* Above upper limit */
opts = qemu_opts_parse(&opts_list_01, "number1=18446744073709551616",
- false, &error_abort);
- /* BUG: should reject */
- g_assert_cmpuint(opts_count(opts), ==, 1);
- g_assert_cmpuint(qemu_opt_get_number(opts, "number1", 1), ==, UINT64_MAX);
+ false, &err);
+ error_free_or_abort(&err);
+ g_assert(!opts);
/* Below lower limit */
opts = qemu_opts_parse(&opts_list_01, "number1=-18446744073709551616",
- false, &error_abort);
- /* BUG: should reject */
- g_assert_cmpuint(opts_count(opts), ==, 1);
- g_assert_cmpuint(qemu_opt_get_number(opts, "number1", 1), ==, UINT64_MAX);
+ false, &err);
+ error_free_or_abort(&err);
+ g_assert(!opts);
/* Hex and octal */
opts = qemu_opts_parse(&opts_list_01, "number1=0x2a,number2=052",
diff --git a/util/qemu-option.c b/util/qemu-option.c
index 2b4e0c9..5d82327 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -141,11 +141,16 @@ static void parse_option_bool(const char *name, const
char *value, bool *ret,
static void parse_option_number(const char *name, const char *value,
uint64_t *ret, Error **errp)
{
- char *postfix;
uint64_t number;
+ int err;
- number = strtoull(value, &postfix, 0);
- if (*postfix != '\0') {
+ err = qemu_strtou64(value, NULL, 0, &number);
+ if (err == -ERANGE) {
+ error_setg(errp, "Value '%s' is too large for parameter '%s'",
+ value, name);
+ return;
+ }
+ if (err) {
error_setg(errp, QERR_INVALID_PARAMETER_VALUE, name, "a number");
return;
}
--
2.7.4
- Re: [Qemu-devel] [PATCH 23/24] util/cutils: Change qemu_strtosz*() from int64_t to uint64_t, (continued)
- [Qemu-devel] [PATCH 04/24] tests/test-cutils: Clean up qemu_strtoul() result checks, Markus Armbruster, 2017/02/14
- [Qemu-devel] [PATCH 06/24] util/cutils: Rename qemu_strtoll(), qemu_strtoull(), Markus Armbruster, 2017/02/14
- [Qemu-devel] [PATCH 10/24] tests/test-cutils: Add missing qemu_strtosz()... endptr checks, Markus Armbruster, 2017/02/14
- [Qemu-devel] [PATCH 09/24] QemuOpts: Fix to reject numbers that overflow uint64_t,
Markus Armbruster <=
- [Qemu-devel] [PATCH 08/24] util/cutils: Clean up control flow around qemu_strtol() a bit, Markus Armbruster, 2017/02/14
- Re: [Qemu-devel] [PATCH 08/24] util/cutils: Clean up control flow around qemu_strtol() a bit, Eric Blake, 2017/02/14
- [Qemu-devel] [PATCH 13/24] tests/test-cutils: Cover qemu_strtosz() around range limits, Markus Armbruster, 2017/02/14
- [Qemu-devel] [PATCH 24/24] QemuOpts: Fix checking of sizes for overflow and trailing crap, Markus Armbruster, 2017/02/14