[libvirt PATCH 12/17] util: Try to get limits from /proc
Andrea Bolognani
abologna at redhat.com
Tue Mar 9 12:47:55 UTC 2021
On Tue, 2021-03-09 at 12:43 +0100, Michal Privoznik wrote:
> On 3/5/21 8:13 PM, Andrea Bolognani wrote:
> > + if (!g_file_get_contents(procfile, &buf, &len, NULL))
> > + return -1;
>
> I did not spot this yesterday, but now I'm working on a something else
> and have to read a contents of a file under /proc. I did not recall the
> exact name but remembered where I saw it lately - here :-)
>
> And now that I am thinking about it - and reading the docs - is this
> function safe? I mean, it reads file without any limit - which may be
> fine for /proc files, but I worry that if allowed in one func it may
> sneak into others and read user provided files, or while its use in a
> function X might be warranted for now, in the future after some refactor
> the function X might be used to read user provided files.
You're right. I used pure GLib functions initially because I was
implementing this as a tiny stand-alone tool for faster iterative
development, and I just forgot to change that specific function back
to the libvirt equivalent when I was done :)
> Therefore, I think it should go onto the list of not-on-my-watch
> functions and we ought stick with our fine crafted virFileRead*().
>
> BTW: I think the same about g_get_host_name(), which does not reflect
> hostname changes. Unfortunately, we have three places which slipped
> through while I wasn't watching. I'll look into how to revert them.
Sounds good.
--
Andrea Bolognani / Red Hat / Virtualization
More information about the libvir-list
mailing list