
Re: [Libguestfs] [PATCH nbdkit v2] server: public: Add nbdkit_parse_* functions for safely parsing integers.



On 9/23/19 4:21 PM, Eric Blake wrote:

>>    else if (strcmp (key, "timeout") == 0) {
>> -    if (sscanf (value, "%ld", &timeout) != 1) {
>> -      nbdkit_error ("cannot parse timeout: %s", value);
>> +    if (nbdkit_parse_uint32_t ("timeout", value, &timeout) == -1)
>> +      return -1;
>> +    /* Because we have to cast it to long before calling the libssh API. */
>> +    if (timeout > LONG_MAX) {
>> +      nbdkit_error ("timeout too large");
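Review bot: The comment above the `timeout > LONG_MAX` check should say when the check can fire. `timeout` is now filled in by nbdkit_parse_uint32_t, so the comparison can only be true where long is 32 bits and is always false where long is wider; stating that in the comment keeps a later reader from removing the check as dead code. The new "timeout too large" message also drops the offending value that the removed "cannot parse timeout: %s" message printed; consider `nbdkit_error ("timeout too large: %s", value);`.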
> 
> C17 5.2.4.2.1 requires 'long' to be at least 32 bits.  Ergo, (uint32_t)
> timeout > LONG_MAX is always false.  You could assert() rather than
> trying to use nbdkit_error().

Whoops, I mixed signed v unsigned.

(int32_t)x > LONG_MAX is always false,
(uint32_t)x > ULONG_MAX is always false,

but

(uint32_t)x > LONG_MAX can be true.  Keep the check as-is.

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org
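
The range reasoning in the reply above, as an added example that is not part of the original message and is not nbdkit's code: `parse_u32` and `u32_to_long` are hypothetical helpers showing a strict uint32_t parse followed by a narrowing check that is correct whether long is 32 or 64 bits wide.

```c
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper (not nbdkit's implementation): parse a decimal
 * string into a uint32_t.  Returns 0 on success, -1 on any error. */
int parse_u32(const char *s, uint32_t *out)
{
    char *end;
    unsigned long long v;

    /* strtoull skips leading whitespace and silently negates "-1",
     * so insist that the first character is a digit. */
    if (s == NULL || !isdigit((unsigned char)s[0]))
        return -1;
    errno = 0;
    v = strtoull(s, &end, 10);
    if (errno != 0 || *end != '\0')   /* overflow or trailing garbage */
        return -1;
    if (v > UINT32_MAX)               /* fits unsigned long long, not uint32_t */
        return -1;
    *out = (uint32_t)v;
    return 0;
}

/* Narrow a uint32_t to long for an API that takes long.  Both operands
 * are widened to unsigned long long, so the comparison means the same
 * thing on every platform: it can be true when long is 32 bits
 * (LONG_MAX = 2147483647) and is never true when long is 64 bits. */
int u32_to_long(uint32_t v, long *out)
{
    if ((unsigned long long)v > (unsigned long long)LONG_MAX)
        return -1;
    *out = (long)v;
    return 0;
}

int main(void)
{
    uint32_t t;
    long l;

    if (parse_u32("4294967295", &t) == 0)   /* constructed sample input */
        printf("parsed %lu, fits in long: %s\n", (unsigned long)t,
               u32_to_long(t, &l) == 0 ? "yes" : "no");
    return 0;
}
```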
