qemu-devel

Re: [Qemu-devel] [PATCH 1/2] hmp: expr_unary(): check for overflow in st


From: Luiz Capitulino
Subject: Re: [Qemu-devel] [PATCH 1/2] hmp: expr_unary(): check for overflow in strtoul()/strtoull()
Date: Fri, 27 Apr 2012 10:34:18 -0300

On Fri, 27 Apr 2012 15:28:56 +0200
Markus Armbruster <address@hidden> wrote:

> Luiz Capitulino <address@hidden> writes:
> 
> > It's not checked currently, so something like:
> >
> >   (qemu) balloon -100000000000001111114334234
> >   (qemu)
> >
> > Will just "work" (in this case the balloon command will get a random
> > value).
> >
> > Fix it by checking if strtoul()/strtoull() overflowed.
> >
> > Signed-off-by: Luiz Capitulino <address@hidden>
> > ---
> >  monitor.c |    7 +++++++
> >  1 file changed, 7 insertions(+)
> >
> > diff --git a/monitor.c b/monitor.c
> > index 8946a10..56ee971 100644
> > --- a/monitor.c
> > +++ b/monitor.c
> > @@ -3120,10 +3120,17 @@ static int64_t expr_unary(Monitor *mon)
> >          n = 0;
> >          break;
> >      default:
> > +        errno = 0;
> >  #if TARGET_PHYS_ADDR_BITS > 32
> >          n = strtoull(pch, &p, 0);
> > +        if (n == ULLONG_MAX && errno == ERANGE) {
> > +            expr_error(mon, "number too large");
> > +        }
> >  #else
> >          n = strtoul(pch, &p, 0);
> > +        if (n == ULONG_MAX && errno == ERANGE) {
> > +            expr_error(mon, "number too large");
> > +        }
> >  #endif
> >          if (pch == p) {
> >              expr_error(mon, "invalid char in expression");
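Review bot: the ERANGE test is written twice, once in each branch of the #if TARGET_PHYS_ADDR_BITS > 32 block, differing only in ULLONG_MAX versus ULONG_MAX. Since errno is cleared immediately before the call, a single `if (errno == ERANGE)` placed after the #endif would cover both branches. Separately, the hunk header shows expr_unary() returning int64_t, so an input that fits the unsigned type but exceeds INT64_MAX still passes this check; the commit message should say whether that is intended.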
> 
> Roundabout way to do
> 
> +        errno = 0;
>  #if TARGET_PHYS_ADDR_BITS > 32
>          n = strtoull(pch, &p, 0);
>  #else
>          n = strtoul(pch, &p, 0);
>  #endif
> +        if (errno == ERANGE) {
> +            expr_error(mon, "number too large");
> +        }
>          if (pch == p) {
>              expr_error(mon, "invalid char in expression");
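Review bot: the single `if (errno == ERANGE)` after the #endif is only correct because of the `errno = 0;` line ahead of the #if, and nothing in the code marks that dependency. A one-line comment at the reset would keep a later edit from dropping it or from inserting a call between the reset and the test that could set errno.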

I really have a preference for doing what's described by the standard. At
the same time I think this is really minor.

The duplication you're fixing is going to be fixed once we introduce
a wrapper for strtoul()/strtoull().
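
Added example, not part of the original message and not QEMU code: a minimal checked wrapper of the kind mentioned above, showing why errno has to be consulted to tell a clamped result from a legitimate ULLONG_MAX. The name parse_u64_checked and its return convention are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/*
 * Hypothetical helper, not QEMU code. Returns 0 on success, -EINVAL when
 * no digits were consumed, -ERANGE when strtoull() reported overflow.
 */
static int parse_u64_checked(const char *s, const char **end, uint64_t *out)
{
    char *p;
    unsigned long long n;

    errno = 0;              /* strtoull() never resets errno on success */
    n = strtoull(s, &p, 0);
    if (p == s) {
        return -EINVAL;     /* same condition as the "invalid char" test */
    }
    if (errno == ERANGE) {
        return -ERANGE;     /* result was clamped to ULLONG_MAX */
    }
    if (end) {
        *end = p;
    }
    *out = n;
    return 0;
}

int main(void)
{
    /* Constructed inputs; the first is the number from the commit message. */
    const char *in[] = { "100000000000001111114334234",
                         "18446744073709551615", "0x10", "-1", "zz" };
    for (size_t i = 0; i < sizeof(in) / sizeof(in[0]); i++) {
        uint64_t v = 0;
        int rc = parse_u64_checked(in[i], NULL, &v);
        printf("%-28s rc=%d value=%llu\n", in[i], rc, (unsigned long long)v);
    }
    return 0;
}
```

Note that "-1" is accepted with rc 0 and yields UINT64_MAX, because strtoull() negates in the unsigned type without setting ERANGE; a caller that must reject signed input has to check for the sign itself.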


