qemu-devel

Re: [Qemu-devel] [PATCH 1/1 v3] Allow machines to configure the QEMU_VER


From: Peter Maydell
Subject: Re: [Qemu-devel] [PATCH 1/1 v3] Allow machines to configure the QEMU_VERSION that's exposed via hardware
Date: Sat, 14 Apr 2012 02:30:37 +0100

On 13 April 2012 20:59, Crístian Viana <address@hidden> wrote:
>> If so, then you have a bug in
>> nseries.c: sprintf() is asking for a buffer overflow.  Remember,
>> QEMU_VERSION has a compile-time fixed length, but if qemu_get_version()
>> is an arbitrary user string, you no longer have a guarantee that you fit
>> in version[12].
>
> Well, I also noticed that in some places, the version buffer is 12 char
> long, in other places it is 32 char long... we could set a maximum
> length and make sure the string won't cause a buffer overflow (with
> snprintf or some other variant).

Typically the buffer is a fixed length because we're conforming
to some protocol (USB, Linux atags, usb-redirection-transport, SCSI, etc)
which mandates a fixed length for whatever field we've been putting
the version number in. The length involved will obviously vary depending
on the use. So you have to stick to the required length for each use and
just make sure we truncate rather than overflowing in the unlikely event
of an overlong return from qemu_get_version().

-- PMM
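The two patterns the thread contrasts, written out as an added example (this is not QEMU code and not from either poster). The 12- and 32-byte sizes are the two buffer lengths mentioned in the thread; the protocol field layouts, the stand-in for qemu_get_version(), and the helper names are assumptions made for illustration. The example goes one step beyond the reply by also covering a fixed-width field that is space-padded with no terminator, where snprintf() would silently spend one byte on a NUL the wire format does not want.

```c
#include <stdio.h>
#include <string.h>

/*
 * Added example, not QEMU's code. It illustrates the point in the reply:
 * each fixed-size protocol field keeps its own length, and an overlong
 * result from qemu_get_version() must be truncated, never allowed to
 * overflow. The sizes 12 and 32 are the two buffer lengths mentioned in
 * the thread; the field layouts and helper names are illustrative.
 */

/* Stand-in for qemu_get_version(): a version string chosen at run time
 * (constructed sample; in the real patch it would be user-configurable). */
static const char *sample_version(void)
{
    return "1.0.50-my-very-long-custom-build-string";
}

/* Unsafe pattern as described in the thread: sprintf() into a fixed
 * 12-byte buffer. Any version string of 12 or more characters writes
 * past the end of 'version'. Kept only for comparison; it is never
 * called with a long string in this file. */
void format_version_unsafe(char version[12], const char *ver)
{
    sprintf(version, "%s", ver);
}

/* Hardened form for a NUL-terminated field: snprintf() writes at most
 * field_len - 1 characters plus the terminator. Returns 1 if the input
 * was truncated, 0 otherwise, so a caller can log it if it cares. */
int put_version_cstring(char *field, size_t field_len, const char *ver)
{
    int n = snprintf(field, field_len, "%s", ver);
    return n < 0 || (size_t)n >= field_len;
}

/* Some wire formats use fixed-width fields that are space-padded and
 * carry no NUL at all (assumption: not tied to any specific QEMU device).
 * snprintf() is the wrong tool there because it always reserves a byte
 * for the terminator. Copy exactly field_len bytes, truncating or padding
 * as needed. Returns 1 if the input was truncated. */
int put_version_padded(unsigned char *field, size_t field_len, const char *ver)
{
    size_t len = strlen(ver);
    size_t copy = len < field_len ? len : field_len;
    memcpy(field, ver, copy);
    memset(field + copy, ' ', field_len - copy);
    return len > field_len;
}

/* Two hypothetical descriptors with different mandated field sizes, to
 * show that the length is a property of each use, not a global maximum. */
struct short_descriptor { char version[12]; };
struct long_descriptor  { char version[32]; };

int main(void)
{
    struct short_descriptor sd;
    struct long_descriptor ld;
    unsigned char rev[8];
    const char *ver = sample_version();

    int t1 = put_version_cstring(sd.version, sizeof sd.version, ver);
    int t2 = put_version_cstring(ld.version, sizeof ld.version, ver);
    int t3 = put_version_padded(rev, sizeof rev, ver);

    printf("12-byte field: \"%s\" (truncated=%d)\n", sd.version, t1);
    printf("32-byte field: \"%s\" (truncated=%d)\n", ld.version, t2);
    printf("8-byte padded: \"%.8s\" (truncated=%d)\n", (const char *)rev, t3);
    return 0;
}
```

The return value from each helper is the part a reviewer would ask for: silent truncation is the right behaviour on the wire, but the caller should be able to tell that it happened, for instance to warn once at startup that the configured version string was cut to fit.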
