[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] Do not use slow [*] expansion for GPIO creation
From: |
Pavel Fedin |
Subject: |
Re: [Qemu-devel] [PATCH] Do not use slow [*] expansion for GPIO creation |
Date: |
Wed, 29 Jul 2015 17:08:18 +0300 |
Hello!
> > + l = strlen(name);
> > + propname = g_malloc(l + 13); /* 10 characters for UINT_MAX plus "[]" */
> > + memcpy(propname, name, l);
>
> Please don't do manual string length calculations in combination with
> unbounded sprintf calls. It is a recipe for future security bugs.
[skip]
> > for (i = gpio_list->num_in; i < gpio_list->num_in + n; i++) {
> > + g_sprintf(&propname[l], "[%u]", i);
>
> Replace this with
>
> gchar *propname = g_strdup_printf("%s[%u]", name, i)
>
> > object_property_add_child(OBJECT(dev), propname,
> > OBJECT(gpio_list->in[i]), &error_abort);
>
> g_free(propname);
IMHO it's not really good because of repeating allocation-free. This is not
VERY slow, but still slower than it could be (imagine that this repeats ~1000
times).
I have a better idea instead. What if instead:
propname = g_malloc(l + 13); /* 10 characters for UINT_MAX plus "[]" */
i do:
propname = g_strdup_printf("%s[%u]", name, -1)
? This will automatically give me a buffer to fit in the largest possible
integer.
Kind regards,
Pavel Fedin
Expert Engineer
Samsung Electronics Research center Russia