[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PULL 5/5] usb-mtp: Advertise SendObjectInfo for write
From: |
Peter Maydell |
Subject: |
Re: [Qemu-devel] [PULL 5/5] usb-mtp: Advertise SendObjectInfo for write support |
Date: |
Fri, 27 Apr 2018 14:28:28 +0100 |
On 27 February 2018 at 08:39, Gerd Hoffmann <address@hidden> wrote:
> From: Bandan Das <address@hidden>
>
> This patch implements a dummy ObjectInfo structure so that
> it's easy to typecast the incoming data. If the metadata is
> valid, write_pending is set. Also, the incoming filename
> is utf-16, so, instead of depending on external libraries, just
> implement a simple function to get the filename
> +static void usb_mtp_write_metadata(MTPState *s)
Hi; Coverity points out a missing error check in this function
(CID 1390578):
> +{
> + MTPData *d = s->data_out;
> + ObjectInfo *dataset = (ObjectInfo *)d->data;
> + char *filename = g_new0(char, dataset->length);
> + MTPObject *o;
> + MTPObject *p = usb_mtp_object_lookup(s, s->dataset.parent_handle);
usb_mtp_object_lookup() can return NULL, but we do not check it...
> + uint32_t next_handle = s->next_handle;
> +
> + assert(!s->write_pending);
> +
> + utf16_to_str(dataset->length, dataset->filename, filename);
> +
> + o = usb_mtp_object_lookup_name(p, filename, dataset->length);
...and if p is NULL here then we will crash in usb_mtp_object_lookup_name().
> + if (o != NULL) {
> + next_handle = o->handle;
> + }
> +
> + s->dataset.filename = filename;
> + s->dataset.format = dataset->format;
> + s->dataset.size = dataset->size;
> + s->dataset.filename = filename;
> + s->write_pending = true;
> +
> + if (s->dataset.format == FMT_ASSOCIATION) {
> + usb_mtp_write_data(s);
> + /* next_handle will be allocated to the newly created dir */
> + if (d->fd == -1) {
> + usb_mtp_queue_result(s, RES_STORE_FULL, d->trans,
> + 0, 0, 0, 0);
> + return;
> + }
> + d->fd = -1;
> + }
> +
> + usb_mtp_queue_result(s, RES_OK, d->trans, 3, QEMU_STORAGE_ID,
> + s->dataset.parent_handle, next_handle);
> +}
> +
thanks
-- PMM
- Re: [Qemu-devel] [PULL 5/5] usb-mtp: Advertise SendObjectInfo for write support,
Peter Maydell <=