aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarkus Armbruster <armbru@redhat.com>2017-02-21 21:13:53 +0100
committerMarkus Armbruster <armbru@redhat.com>2017-02-23 20:35:35 +0100
commit3403e5eb884f3a74c40fe7cccc103f848c040215 (patch)
tree1e3323f01f81d93c8f8de2dfe495f66a243b7c86
parent4baef2679e029c76707be1e2ed54bf3dd21693fe (diff)
downloadqemu-3403e5eb884f3a74c40fe7cccc103f848c040215.zip
qemu-3403e5eb884f3a74c40fe7cccc103f848c040215.tar.gz
qemu-3403e5eb884f3a74c40fe7cccc103f848c040215.tar.bz2
option: Fix to reject invalid and overflowing numbers
parse_option_number() fails to check for these errors after strtoull(). Has always been broken. Fix that. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <1487708048-2131-10-git-send-email-armbru@redhat.com>
-rw-r--r--tests/test-qemu-opts.c19
-rw-r--r--util/qemu-option.c11
2 files changed, 16 insertions, 14 deletions
diff --git a/tests/test-qemu-opts.c b/tests/test-qemu-opts.c
index 310485b..8b92f7b 100644
--- a/tests/test-qemu-opts.c
+++ b/tests/test-qemu-opts.c
@@ -603,17 +603,15 @@ static void test_opts_parse_number(void)
/* Above upper limit */
opts = qemu_opts_parse(&opts_list_01, "number1=18446744073709551616",
- false, &error_abort);
- /* BUG: should reject */
- g_assert_cmpuint(opts_count(opts), ==, 1);
- g_assert_cmpuint(qemu_opt_get_number(opts, "number1", 1), ==, UINT64_MAX);
+ false, &err);
+ error_free_or_abort(&err);
+ g_assert(!opts);
/* Below lower limit */
opts = qemu_opts_parse(&opts_list_01, "number1=-18446744073709551616",
- false, &error_abort);
- /* BUG: should reject */
- g_assert_cmpuint(opts_count(opts), ==, 1);
- g_assert_cmpuint(qemu_opt_get_number(opts, "number1", 1), ==, UINT64_MAX);
+ false, &err);
+ error_free_or_abort(&err);
+ g_assert(!opts);
/* Hex and octal */
opts = qemu_opts_parse(&opts_list_01, "number1=0x2a,number2=052",
@@ -624,9 +622,8 @@ static void test_opts_parse_number(void)
/* Invalid */
opts = qemu_opts_parse(&opts_list_01, "number1=", false, &err);
- /* BUG: should reject */
- g_assert_cmpuint(opts_count(opts), ==, 1);
- g_assert_cmpuint(qemu_opt_get_number(opts, "number1", 1), ==, 0);
+ error_free_or_abort(&err);
+ g_assert(!opts);
opts = qemu_opts_parse(&opts_list_01, "number1=eins", false, &err);
error_free_or_abort(&err);
g_assert(!opts);
diff --git a/util/qemu-option.c b/util/qemu-option.c
index 9708668..273d00d 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -141,11 +141,16 @@ static void parse_option_bool(const char *name, const char *value, bool *ret,
static void parse_option_number(const char *name, const char *value,
uint64_t *ret, Error **errp)
{
- char *postfix;
uint64_t number;
+ int err;
- number = strtoull(value, &postfix, 0);
- if (*postfix != '\0') {
+ err = qemu_strtou64(value, NULL, 0, &number);
+ if (err == -ERANGE) {
+ error_setg(errp, "Value '%s' is too large for parameter '%s'",
+ value, name);
+ return;
+ }
+ if (err) {
error_setg(errp, QERR_INVALID_PARAMETER_VALUE, name, "a number");
return;
}