qemu-devel

Re: [Qemu-devel] [PATCH v2] Fix for qemu-img info to supply FORMAT value


From: Eric Blake
Subject: Re: [Qemu-devel] [PATCH v2] Fix for qemu-img info to supply FORMAT values for SPARSE extents
Date: Tue, 01 Apr 2014 17:15:10 -0600
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0

On 04/01/2014 03:49 PM, Shwetha Mathangi Chandra Choodamani wrote:
> This patch fixes the bug in qemu-img info that wouldn't populate the extent 
> type for default formats.
> The extent type has now been set where necessary. This is the second version 
> in the series after inputs
> from Fam Zheng(address@hidden).
> 
> Signed-off-by: Shwetha Mathangi Chandra Choodamani <address@hidden>
> ---
>  block/vmdk.c |   53 +++++++++++++++++++++++++++++++++++++++++++++++++----
>  1 file changed, 49 insertions(+), 4 deletions(-)
> 

> +    bdrv_pread(file, sizeof(magic), buf, size);
> +    sscanf(buf, "%10s %" SCNd64 " %10s \"%511[^\n\r\"]\" %" SCNd64,
> +    access, &sectors, type, fname, &flat_offset);
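
Review bot: The return value of bdrv_pread() on the first quoted line is discarded, so a failed read goes unnoticed and sscanf() then parses whatever buf held before the call. Check for a negative return and bail out before parsing, and make sure buf is NUL-terminated at the end of the data that was read, since nothing in these lines does so and sscanf() keeps scanning until it finds a terminator.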

Odd indentation.  Furthermore, sscanf() has undefined behavior if the
input values overflow the width of the integer variable you are parsing
into.  While you are not the first client of sscanf in the code base, I
strongly recommend that you use something that isn't vulnerable to
undefined behavior on untrusted external input, or at the VERY least,
check the sscanf() return value as well as put a %n parameter at the end
of your format string to ensure that you parsed what you thought you did.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org
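
Added example, not part of the original message or of QEMU's code: one way to apply the advice above to a single extent line in the shape the quoted format string expects, parsing the integers with strtoll() so overflow is reported instead of undefined, and using %n to confirm the closing quote was matched. The names extent_line, parse_i64 and parse_extent_line are hypothetical, and the sample line in the comment is constructed.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical holder; array sizes match the %10s/%511[ widths quoted above.
 * Constructed sample input: RW 4192256 SPARSE "disk-s001.vmdk" */
struct extent_line {
    char access[11], type[11], fname[512];
    int64_t sectors, flat_offset;          /* flat_offset stays 0 when absent */
};

/* Parse a non-negative decimal at *p. Unlike %SCNd64, overflow is defined
 * behaviour here: strtoll() saturates and sets errno to ERANGE. */
static int parse_i64(const char **p, int64_t *out)
{
    char *end;

    if (**p < '0' || **p > '9') return -1; /* no sign, no leading whitespace */
    errno = 0;
    *out = strtoll(*p, &end, 10);
    if (errno == ERANGE) return -1;
    *p = end;
    return 0;
}

/* Returns 0 on success, -1 on a malformed or out-of-range line. */
int parse_extent_line(const char *line, struct extent_line *e)
{
    const char *p = line;
    int n = 0;

    memset(e, 0, sizeof(*e));
    if (sscanf(p, "%10s %n", e->access, &n) != 1) return -1;
    p += n;
    if (parse_i64(&p, &e->sectors) < 0) return -1;
    n = 0;
    /* sscanf() returns 2 even if the closing quote is missing; only %n
     * proves the whole format, literal quote included, was matched. */
    if (sscanf(p, " %10s \"%511[^\n\r\"]\"%n", e->type, e->fname, &n) != 2 ||
        n == 0) return -1;
    p += n + strspn(p + n, " \t");
    if (*p != '\0' && *p != '\r' && *p != '\n' &&
        parse_i64(&p, &e->flat_offset) < 0) return -1;
    /* Anything other than trailing whitespace is rejected. */
    return p[strspn(p, " \t\r\n")] == '\0' ? 0 : -1;
}
```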
