Am 02.03.2017 um 22:43 hat Markus Armbruster geschrieben: > sd_parse_uri() and sd_snapshot_goto() screw up error checking after > strtoul(), and truncate long tag names silently. Fix by replacing > those parts by new sd_parse_snapid_or_tag(), which checks more > carefully. > > sd_snapshot_delete() also parses snapshot IDs, but is currently too > broken for me to touch. Mark TODO. > > Two calls of strtol() without error checking remain in > parse_redundancy(). Mark them FIXME. > > More silent truncation of configuration strings remains elsewhere. > Not marked. > > Signed-off-by: Markus Armbruster <[email protected]> > --- > block/sheepdog.c | 66 > ++++++++++++++++++++++++++++++++++++++++++++++---------- > 1 file changed, 55 insertions(+), 11 deletions(-) > > diff --git a/block/sheepdog.c b/block/sheepdog.c > index 5554f47..deb110e 100644 > --- a/block/sheepdog.c > +++ b/block/sheepdog.c > @@ -914,6 +914,49 @@ static int get_sheep_fd(BDRVSheepdogState *s, Error > **errp) > return fd; > } > > +/* > + * Parse numeric snapshot ID in @str > + * If @str can't be parsed as number, return false. > + * Else, if the number is zero or too large, set *@snapid to zero and > + * return true. > + * Else, set *@snapid to the number and return true. > + */ > +static bool sd_parse_snapid(const char *str, uint32_t *snapid) > +{ > + unsigned long ul; > + int ret; > + > + ret = qemu_strtoul(str, NULL, 10, &ul); > + if (ret == -ERANGE) { > + ul = ret = 0; > + } > + if (ret) { > + return false; > + } > + if (ul > UINT32_MAX) { > + ul = 0; > + } > + > + *snapid = ul;
Redundant space. > + return true; > +} Looks good otherwise. Kevin
