[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] why does our coverity-model.c g_strdup() say it is a si
|
From: |
Paolo Bonzini |
|
Subject: |
Re: [Qemu-devel] why does our coverity-model.c g_strdup() say it is a size-sink? |
|
Date: |
Thu, 14 Mar 2019 13:24:49 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 |
On 14/03/19 13:16, Peter Maydell wrote:
> Mmm, that makes sense. So in this particular case, do we
> want to try to avoid doing an unbounded allocation based
> on whatever rubbish the user passed us in the environment,
> or do we say "this particular case is OK" and mark it
> as a false-positive ?
>
> Cc'ing Gerd since the Coverity issues in question are
> in the audio code (in get_str() and in
> audio_handle_legacy_opts()).
I think the solution for that is deprecating the old legacy options and
getting rid of them in one year...
Paolo