[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH 1/2] hmp: expr_unary(): check for overflow in strtou
From: |
Luiz Capitulino |
Subject: |
[Qemu-devel] [PATCH 1/2] hmp: expr_unary(): check for overflow in strtoul()/strtoull() |
Date: |
Fri, 27 Apr 2012 10:18:31 -0300 |
It's not checked currently, so something like:
(qemu) balloon -100000000000001111114334234
(qemu)
Will just "work" (in this case the balloon command will get a random
value).
Fix it by checking if strtoul()/strtoull() overflowed.
Signed-off-by: Luiz Capitulino <address@hidden>
---
monitor.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/monitor.c b/monitor.c
index 8946a10..56ee971 100644
--- a/monitor.c
+++ b/monitor.c
@@ -3120,10 +3120,17 @@ static int64_t expr_unary(Monitor *mon)
n = 0;
break;
default:
+ errno = 0;
#if TARGET_PHYS_ADDR_BITS > 32
n = strtoull(pch, &p, 0);
+ if (n == ULLONG_MAX && errno == ERANGE) {
+ expr_error(mon, "number too large");
+ }
#else
n = strtoul(pch, &p, 0);
+ if (n == ULONG_MAX && errno == ERANGE) {
+ expr_error(mon, "number too large");
+ }
#endif
if (pch == p) {
expr_error(mon, "invalid char in expression");
--
1.7.9.2.384.g4a92a