[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH 14/36] slirp: check sscanf result when emulating ide
From: |
Michael Roth |
Subject: |
[Qemu-devel] [PATCH 14/36] slirp: check sscanf result when emulating ident |
Date: |
Tue, 23 Jul 2019 12:00:42 -0500 |
From: William Bowling <address@hidden>
When emulating ident in tcp_emu, if the strchr checks passed but the
sscanf check failed, two uninitialized variables would be copied and
sent in the reply, so move this code inside the if(sscanf()) clause.
Signed-off-by: William Bowling <address@hidden>
Cc: address@hidden
Cc: address@hidden
Message-Id: <address@hidden>
Signed-off-by: Samuel Thibault <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
(cherry picked from commit d3222975c7d6cda9e25809dea05241188457b113)
Signed-off-by: Michael Roth <address@hidden>
---
slirp/tcp_subr.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/slirp/tcp_subr.c b/slirp/tcp_subr.c
index fa61349cbb..c27e0d158d 100644
--- a/slirp/tcp_subr.c
+++ b/slirp/tcp_subr.c
@@ -657,12 +657,12 @@ tcp_emu(struct socket *so, struct mbuf *m)
break;
}
}
+ so_rcv->sb_cc =
snprintf(so_rcv->sb_data,
+
so_rcv->sb_datalen,
+ "%d,%d\r\n",
n1, n2);
+ so_rcv->sb_rptr = so_rcv->sb_data;
+ so_rcv->sb_wptr = so_rcv->sb_data +
so_rcv->sb_cc;
}
- so_rcv->sb_cc = snprintf(so_rcv->sb_data,
- so_rcv->sb_datalen,
- "%d,%d\r\n", n1, n2);
- so_rcv->sb_rptr = so_rcv->sb_data;
- so_rcv->sb_wptr = so_rcv->sb_data +
so_rcv->sb_cc;
}
m_free(m);
return 0;
--
2.17.1
- [Qemu-devel] [PATCH 15/36] tpm_tis: fix loop that cancels any seizure by a lower locality, (continued)
- [Qemu-devel] [PATCH 15/36] tpm_tis: fix loop that cancels any seizure by a lower locality, Michael Roth, 2019/07/23
- [Qemu-devel] [PATCH 16/36] vfio-ap: flag as compatible with balloon, Michael Roth, 2019/07/23
- [Qemu-devel] [PATCH 20/36] qga-win: include glib when building VSS DLL, Michael Roth, 2019/07/23
- [Qemu-devel] [PATCH 19/36] json: Fix % handling when not interpolating, Michael Roth, 2019/07/23
- [Qemu-devel] [PATCH 21/36] configure: improve usbfs check, Michael Roth, 2019/07/23
- [Qemu-devel] [PATCH 27/36] qcow2: Avoid COW during metadata preallocation, Michael Roth, 2019/07/23
- [Qemu-devel] [PATCH 25/36] usb-mtp: use O_NOFOLLOW and O_CLOEXEC., Michael Roth, 2019/07/23
- [Qemu-devel] [PATCH 28/36] cutils: Fix size_to_str() on 32-bit platforms, Michael Roth, 2019/07/23
- [Qemu-devel] [PATCH 29/36] block: Fix AioContext switch for bs->drv == NULL, Michael Roth, 2019/07/23
- [Qemu-devel] [PATCH 24/36] qga: update docs with systemd suspend support info, Michael Roth, 2019/07/23
- [Qemu-devel] [PATCH 14/36] slirp: check sscanf result when emulating ident,
Michael Roth <=
- [Qemu-devel] [PATCH 26/36] qemu-img: fix error reporting for -object, Michael Roth, 2019/07/23
- [Qemu-devel] [PATCH 30/36] do not call vhost_net_cleanup() on running net from char user event, Michael Roth, 2019/07/23
- [Qemu-devel] [PATCH 01/36] i2c: Move typedef of bitbang_i2c_interface to i2c.h, Michael Roth, 2019/07/23
- [Qemu-devel] [PATCH 22/36] mac_oldworld: use node name instead of alias name for hd device in FWPathProvider, Michael Roth, 2019/07/23
- [Qemu-devel] [PATCH 23/36] mac_newworld: use node name instead of alias name for hd device in FWPathProvider, Michael Roth, 2019/07/23
- [Qemu-devel] [PATCH 06/36] hw/s390x: Fix bad mask in time2tod(), Michael Roth, 2019/07/23
- [Qemu-devel] [PATCH 31/36] s390x/cpumodel: ignore csske for expansion, Michael Roth, 2019/07/23
- [Qemu-devel] [PATCH 35/36] iotests: Test unaligned raw images with O_DIRECT, Michael Roth, 2019/07/23