[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v5 2/5] Add Error **errp for xen_host_pci_device
|
From: |
Eric Blake |
|
Subject: |
Re: [Qemu-devel] [PATCH v5 2/5] Add Error **errp for xen_host_pci_device_get() |
|
Date: |
Fri, 15 Jan 2016 09:41:18 -0700 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.0 |
On 01/14/2016 08:11 PM, Cao jin wrote:
>>> buf[rc] = 0;
>>> - rc = qemu_strtoul(buf, &endptr, base, &value);
>>> - if (!rc) {
>>> - *pvalue = value;
>>> + rc = qemu_strtoul(buf, &endptr, base, (unsigned long *)pvalue);
>>
>> Ouch. Casting unsigned int * to unsigned long * and then dereferencing
>> it is bogus (you end up having qemu_strtoul() write beyond bounds on
>> platforms where long is larger than int).
>
> Yes, I considered this issue a little. Because the current condition is:
> the value it want to get won`t exceed 4 byte (vendor/device ID, etc). So
> I guess even if on x86_64(length of int != long), it won`t break things.
> So, compared with following, which style do you prefer?
Maybe:
rc = qemu_strtoul(buf, &endptr, base, &value);
if (rc) {
assert(value < UINT_MAX);
*pvalue = value;
} else {
report error ...
}
And maybe some of it should even be done as part of the conversion to
qemu_strtoul() in 1/5.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
[Qemu-devel] [PATCH v5 3/5] Add Error **errp for xen_pt_setup_vga(), Cao jin, 2016/01/13
[Qemu-devel] [PATCH v5 5/5] Xen PCI passthru: convert to realize(), Cao jin, 2016/01/13
[Qemu-devel] [PATCH v5 4/5] Add Error **errp for xen_pt_config_init(), Cao jin, 2016/01/13
Re: [Qemu-devel] [PATCH v5 0/5] Xen PCI passthru: Convert to realize(), Stefano Stabellini, 2016/01/14