On 04/10/2014 02:24 AM, Laszlo Ersek wrote: > qemu_parse_fd() used to handle at least the following strings incorrectly: > o "-2": simply let through > o "2147483648": returned as LONG_MAX==INT_MAX on ILP32 (with ERANGE > ignored); implementation-defined behavior on LP64 > > Signed-off-by: Laszlo Ersek <[email protected]> > --- > util/cutils.c | 13 ++++++++++--- > 1 file changed, 10 insertions(+), 3 deletions(-)
I still think qemu should follow libvirt's lead of wrapping ALL uses of
strto*l behind sane wrappers, since this is not the only place in the
code base affected by misuse of the function - but that's a story for
another day.
>
> + errno = 0;
> fd = strtol(param, &endptr, 10);
> - if (*endptr || (fd == 0 && param == endptr)) {
> + if (param == endptr /* no conversion performed */ ||
> + errno != 0 /* not representable as long; possibly others */ ||
> + *endptr != '\0' /* final string not empty */ ||
> + fd < 0 /* invalid as file descriptor */ ||
> + fd > INT_MAX /* not representable as int */) {
> return -1;
Your comments make it particularly obvious that YOU know how to properly
use this function, and hopefully teach future readers. :)
Reviewed-by: Eric Blake <[email protected]>
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
