[Libvir] diagnose invalid domain ID numbers (and invalid integers, in general)
jim at meyering.net
Fri Nov 9 21:30:15 UTC 2007
Jim Meyering <jim at meyering.net> wrote:
> There are over 30 uses of strtol in libvirt, and they all can silently
> accept invalid input. The invalid string might range from an outlandish
> domain ID like 4294967298 to strings of digits followed by bogus alpha.
> Maybe not worth worrying about, you say? But what if they indicate user
> confusion, e.g., 1,000 vs 1000? Silently interpreting "1,000" as "1"
> would leave the poor user even more confused :-) IMHO, they should all
> be diagnosed.
> Patch attached below.
> If you apply it with plain-old-patch, remember to run this:
>
>     chmod a+x tests/int-overflow
> Thu Nov 8 09:59:43 CET 2007 Jim Meyering <meyering at redhat.com>
> Diagnose an invalid domain ID number.
> * src/virsh.c: Include "xstrtol.h"
> (vshCommandOptDomainBy): Detect integer overflow in domain ID number.
> * tests/int-overflow: New script. Test for the above-fixed bug.
> * tests/Makefile.am (TESTS): Add int-overflow.
> (TESTS_ENVIRONMENT): Define, to propagate $abs_top_* variables
> into the int-overflow script.
> (valgrind): Adapt rule not to clobber new TESTS_ENVIRONMENT.
> * src/xstrtol.h, src/xstrtol.c: New files.
> * src/Makefile.am (virsh_SOURCES): Add xstrtol.c and xstrtol.h.
Daniel Veillard suggested putting the definition of xstrtol_i in a header
file, so that it can be used both by virsh.c and by the library itself,
so now it's in src/internal.h. I've added a fix for one strtol use in
the library, in xend_internal.c. Finally, I've adjusted the ChangeLog
to more closely match Daniel's preference.
Thu Nov 8 09:59:43 CET 2007 Jim Meyering <meyering at redhat.com>
Begin fixing uses of strtol: parse integers more carefully.
* src/internal.h: Include <errno.h>.
Define new static inline function, xstrtol_i.
* src/virsh.c: Detect integer overflow in domain ID number.
Detect overflow and invalid port number suffix in cmdVNCDisplay.
* src/xend_internal.c: Parse CPU number more carefully in
* tests/int-overflow: New script. Test for the above-fixed bug.
* tests/Makefile.am: Add int-overflow to TESTS.
Define TESTS_ENVIRONMENT, to propagate $abs_top_* variables
into the int-overflow script.
Adapt the "valgrind" rule not to clobber new TESTS_ENVIRONMENT.
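
The failure modes described in the quoted message (a bare strtol reading "1,000" as 1, and an out-of-range ID such as 4294967298 going undiagnosed), as an added example that is not part of the original post or the patch. `parse_int_strict` and `parse_int_unchecked` are hypothetical names; this is not the `xstrtol_i` from the patch, whose body does not appear on this page.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper, not libvirt's xstrtol_i: parse all of S as a
   base-10 int.  Return 0 and set *RESULT on success, -1 on any error.
   Like strtol, it still accepts leading whitespace and a sign. */
static int parse_int_strict(const char *s, int *result)
{
    char *end;
    long val;

    errno = 0;
    val = strtol(s, &end, 10);
    if (end == s)                 /* no digits: "" or "abc" */
        return -1;
    if (*end != '\0')             /* trailing junk: "1,000", "12abc" */
        return -1;
    if (errno == ERANGE)          /* does not fit in a long */
        return -1;
    if (val < INT_MIN || val > INT_MAX)  /* fits in long, not in int */
        return -1;
    *result = (int) val;
    return 0;
}

/* The unchecked pattern: no end pointer, no errno, blind narrowing. */
static int parse_int_unchecked(const char *s)
{
    return (int) strtol(s, NULL, 10);
}

int main(void)
{
    /* Constructed sample inputs, based on the cases named in the post. */
    const char *samples[] = { "1000", "1,000", "4294967298", "12abc", "" };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int v = 0;
        int rc = parse_int_strict(samples[i], &v);
        printf("%-12s unchecked=%d strict=%s\n", samples[i],
               parse_int_unchecked(samples[i]), rc == 0 ? "ok" : "rejected");
    }
    return 0;
}
```

The value the unchecked path yields for 4294967298 depends on the width of `long` on the platform, which is why the strict version checks both `ERANGE` and the `int` range.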