aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Maydell <peter.maydell@linaro.org>2017-08-04 11:07:50 +0100
committerPeter Maydell <peter.maydell@linaro.org>2017-08-04 11:07:50 +0100
commit413ff8be2fcb5e5c4422f5c1bacdb7e5b5915e5e (patch)
tree46d91274360ae4adcf4dd21ea30fd39e00ce7cf5
parentaaaec6acad7cf97372d48c1b09126a09697519c8 (diff)
parent413d463f43fbc4dd3a601e80a5724aa384a265a0 (diff)
downloadqemu-413ff8be2fcb5e5c4422f5c1bacdb7e5b5915e5e.zip
qemu-413ff8be2fcb5e5c4422f5c1bacdb7e5b5915e5e.tar.gz
qemu-413ff8be2fcb5e5c4422f5c1bacdb7e5b5915e5e.tar.bz2
Merge remote-tracking branch 'remotes/thibault/tags/samuel-thibault' into staging
slirp updates # gpg: Signature made Wed 02 Aug 2017 23:27:41 BST # gpg: using RSA key 0x9E511E01C737F075 # gpg: Good signature from "Samuel Thibault <samuel.thibault@aquilenet.fr>" # gpg: aka "Samuel Thibault <sthibault@debian.org>" # gpg: aka "Samuel Thibault <samuel.thibault@gnu.org>" # gpg: aka "Samuel Thibault <samuel.thibault@inria.fr>" # gpg: aka "Samuel Thibault <samuel.thibault@labri.fr>" # gpg: aka "Samuel Thibault <samuel.thibault@ens-lyon.org>" # gpg: aka "Samuel Thibault <samuel.thibault@u-bordeaux.fr>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 900C B024 B679 31D4 0F82 304B D017 8C76 7D06 9EE6 # Subkey fingerprint: 9A37 3D36 64A8 DC62 DA0A 34FD 9E51 1E01 C737 F075 * remotes/thibault/tags/samuel-thibault: slirp: check len against dhcp options array end slirp: fill error when failing to initialize user network Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
-rw-r--r--net/slirp.c134
-rw-r--r--slirp/bootp.c3
2 files changed, 97 insertions, 40 deletions
diff --git a/net/slirp.c b/net/slirp.c
index 9fbc949..01ed21c 100644
--- a/net/slirp.c
+++ b/net/slirp.c
@@ -91,15 +91,15 @@ static QTAILQ_HEAD(slirp_stacks, SlirpState) slirp_stacks =
QTAILQ_HEAD_INITIALIZER(slirp_stacks);
static int slirp_hostfwd(SlirpState *s, const char *redir_str,
- int legacy_format);
+ int legacy_format, Error **errp);
static int slirp_guestfwd(SlirpState *s, const char *config_str,
- int legacy_format);
+ int legacy_format, Error **errp);
#ifndef _WIN32
static const char *legacy_smb_export;
static int slirp_smb(SlirpState *s, const char *exported_dir,
- struct in_addr vserver_addr);
+ struct in_addr vserver_addr, Error **errp);
static void slirp_smb_cleanup(SlirpState *s);
#else
static inline void slirp_smb_cleanup(SlirpState *s) { }
@@ -155,7 +155,7 @@ static int net_slirp_init(NetClientState *peer, const char *model,
const char *bootfile, const char *vdhcp_start,
const char *vnameserver, const char *vnameserver6,
const char *smb_export, const char *vsmbserver,
- const char **dnssearch)
+ const char **dnssearch, Error **errp)
{
/* default settings according to historic slirp */
struct in_addr net = { .s_addr = htonl(0x0a000200) }; /* 10.0.2.0 */
@@ -178,15 +178,18 @@ static int net_slirp_init(NetClientState *peer, const char *model,
struct slirp_config_str *config;
if (!ipv4 && (vnetwork || vhost || vnameserver)) {
+ error_setg(errp, "IPv4 disabled but netmask/host/dns provided");
return -1;
}
if (!ipv6 && (vprefix6 || vhost6 || vnameserver6)) {
+ error_setg(errp, "IPv6 disabled but prefix/host6/dns6 provided");
return -1;
}
if (!ipv4 && !ipv6) {
/* It doesn't make sense to disable both */
+ error_setg(errp, "IPv4 and IPv6 disabled");
return -1;
}
@@ -200,6 +203,7 @@ static int net_slirp_init(NetClientState *peer, const char *model,
if (vnetwork) {
if (get_str_sep(buf, sizeof(buf), &vnetwork, '/') < 0) {
if (!inet_aton(vnetwork, &net)) {
+ error_setg(errp, "Failed to parse netmask");
return -1;
}
addr = ntohl(net.s_addr);
@@ -220,14 +224,19 @@ static int net_slirp_init(NetClientState *peer, const char *model,
}
} else {
if (!inet_aton(buf, &net)) {
+ error_setg(errp, "Failed to parse netmask");
return -1;
}
shift = strtol(vnetwork, &end, 10);
if (*end != '\0') {
if (!inet_aton(vnetwork, &mask)) {
+ error_setg(errp,
+ "Failed to parse netmask (trailing chars)");
return -1;
}
} else if (shift < 4 || shift > 32) {
+ error_setg(errp,
+ "Invalid netmask provided (must be in range 4-32)");
return -1;
} else {
mask.s_addr = htonl(0xffffffff << (32 - shift));
@@ -240,30 +249,43 @@ static int net_slirp_init(NetClientState *peer, const char *model,
}
if (vhost && !inet_aton(vhost, &host)) {
+ error_setg(errp, "Failed to parse host");
return -1;
}
if ((host.s_addr & mask.s_addr) != net.s_addr) {
+ error_setg(errp, "Host doesn't belong to network");
return -1;
}
if (vnameserver && !inet_aton(vnameserver, &dns)) {
+ error_setg(errp, "Failed to parse DNS");
return -1;
}
- if ((dns.s_addr & mask.s_addr) != net.s_addr ||
- dns.s_addr == host.s_addr) {
+ if ((dns.s_addr & mask.s_addr) != net.s_addr) {
+ error_setg(errp, "DNS doesn't belong to network");
+ return -1;
+ }
+ if (dns.s_addr == host.s_addr) {
+ error_setg(errp, "DNS must be different from host");
return -1;
}
if (vdhcp_start && !inet_aton(vdhcp_start, &dhcp)) {
+ error_setg(errp, "Failed to parse DHCP start address");
return -1;
}
- if ((dhcp.s_addr & mask.s_addr) != net.s_addr ||
- dhcp.s_addr == host.s_addr || dhcp.s_addr == dns.s_addr) {
+ if ((dhcp.s_addr & mask.s_addr) != net.s_addr) {
+ error_setg(errp, "DHCP doesn't belong to network");
+ return -1;
+ }
+ if (dhcp.s_addr == host.s_addr || dhcp.s_addr == dns.s_addr) {
+ error_setg(errp, "DNS must be different from host and DNS");
return -1;
}
#ifndef _WIN32
if (vsmbserver && !inet_aton(vsmbserver, &smbsrv)) {
+ error_setg(errp, "Failed to parse SMB address");
return -1;
}
#endif
@@ -272,6 +294,7 @@ static int net_slirp_init(NetClientState *peer, const char *model,
/* No inet_pton helper before Vista... */
if (vprefix6) {
/* Unsupported */
+ error_setg(errp, "IPv6 prefix not supported");
return -1;
}
memset(&ip6_prefix, 0, sizeof(ip6_prefix));
@@ -282,6 +305,7 @@ static int net_slirp_init(NetClientState *peer, const char *model,
vprefix6 = "fec0::";
}
if (!inet_pton(AF_INET6, vprefix6, &ip6_prefix)) {
+ error_setg(errp, "Failed to parse IPv6 prefix");
return -1;
}
#endif
@@ -290,17 +314,22 @@ static int net_slirp_init(NetClientState *peer, const char *model,
vprefix6_len = 64;
}
if (vprefix6_len < 0 || vprefix6_len > 126) {
+ error_setg(errp,
+ "Invalid prefix provided (prefix len must be in range 0-126");
return -1;
}
if (vhost6) {
#if defined(_WIN32) && (_WIN32_WINNT < 0x0600)
+ error_setg(errp, "IPv6 host not supported");
return -1;
#else
if (!inet_pton(AF_INET6, vhost6, &ip6_host)) {
+ error_setg(errp, "Failed to parse IPv6 host");
return -1;
}
if (!in6_equal_net(&ip6_prefix, &ip6_host, vprefix6_len)) {
+ error_setg(errp, "IPv6 Host doesn't belong to network");
return -1;
}
#endif
@@ -311,12 +340,15 @@ static int net_slirp_init(NetClientState *peer, const char *model,
if (vnameserver6) {
#if defined(_WIN32) && (_WIN32_WINNT < 0x0600)
+ error_setg(errp, "IPv6 DNS not supported");
return -1;
#else
if (!inet_pton(AF_INET6, vnameserver6, &ip6_dns)) {
+ error_setg(errp, "Failed to parse IPv6 DNS");
return -1;
}
if (!in6_equal_net(&ip6_prefix, &ip6_dns, vprefix6_len)) {
+ error_setg(errp, "IPv6 DNS doesn't belong to network");
return -1;
}
#endif
@@ -343,12 +375,14 @@ static int net_slirp_init(NetClientState *peer, const char *model,
for (config = slirp_configs; config; config = config->next) {
if (config->flags & SLIRP_CFG_HOSTFWD) {
if (slirp_hostfwd(s, config->str,
- config->flags & SLIRP_CFG_LEGACY) < 0)
+ config->flags & SLIRP_CFG_LEGACY, errp) < 0) {
goto error;
+ }
} else {
if (slirp_guestfwd(s, config->str,
- config->flags & SLIRP_CFG_LEGACY) < 0)
+ config->flags & SLIRP_CFG_LEGACY, errp) < 0) {
goto error;
+ }
}
}
#ifndef _WIN32
@@ -356,8 +390,9 @@ static int net_slirp_init(NetClientState *peer, const char *model,
smb_export = legacy_smb_export;
}
if (smb_export) {
- if (slirp_smb(s, smb_export, smbsrv) < 0)
+ if (slirp_smb(s, smb_export, smbsrv, errp) < 0) {
goto error;
+ }
}
#endif
@@ -452,7 +487,7 @@ void hmp_hostfwd_remove(Monitor *mon, const QDict *qdict)
}
static int slirp_hostfwd(SlirpState *s, const char *redir_str,
- int legacy_format)
+ int legacy_format, Error **errp)
{
struct in_addr host_addr = { .s_addr = INADDR_ANY };
struct in_addr guest_addr = { .s_addr = 0 };
@@ -505,14 +540,14 @@ static int slirp_hostfwd(SlirpState *s, const char *redir_str,
if (slirp_add_hostfwd(s->slirp, is_udp, host_addr, host_port, guest_addr,
guest_port) < 0) {
- error_report("could not set up host forwarding rule '%s'",
- redir_str);
+ error_setg(errp, "Could not set up host forwarding rule '%s'",
+ redir_str);
return -1;
}
return 0;
fail_syntax:
- error_report("invalid host forwarding rule '%s'", redir_str);
+ error_setg(errp, "Invalid host forwarding rule '%s'", redir_str);
return -1;
}
@@ -532,7 +567,10 @@ void hmp_hostfwd_add(Monitor *mon, const QDict *qdict)
redir_str = arg1;
}
if (s) {
- slirp_hostfwd(s, redir_str, 0);
+ Error *err = NULL;
+ if (slirp_hostfwd(s, redir_str, 0, &err) < 0) {
+ error_report_err(err);
+ }
}
}
@@ -540,6 +578,8 @@ void hmp_hostfwd_add(Monitor *mon, const QDict *qdict)
int net_slirp_redir(const char *redir_str)
{
struct slirp_config_str *config;
+ Error *err = NULL;
+ int res;
if (QTAILQ_EMPTY(&slirp_stacks)) {
config = g_malloc(sizeof(*config));
@@ -550,7 +590,11 @@ int net_slirp_redir(const char *redir_str)
return 0;
}
- return slirp_hostfwd(QTAILQ_FIRST(&slirp_stacks), redir_str, 1);
+ res = slirp_hostfwd(QTAILQ_FIRST(&slirp_stacks), redir_str, 1, &err);
+ if (res < 0) {
+ error_report_err(err);
+ }
+ return res;
}
#ifndef _WIN32
@@ -576,7 +620,7 @@ static void slirp_smb_cleanup(SlirpState *s)
}
static int slirp_smb(SlirpState* s, const char *exported_dir,
- struct in_addr vserver_addr)
+ struct in_addr vserver_addr, Error **errp)
{
char *smb_conf;
char *smb_cmdline;
@@ -585,25 +629,25 @@ static int slirp_smb(SlirpState* s, const char *exported_dir,
passwd = getpwuid(geteuid());
if (!passwd) {
- error_report("failed to retrieve user name");
+ error_setg(errp, "Failed to retrieve user name");
return -1;
}
if (access(CONFIG_SMBD_COMMAND, F_OK)) {
- error_report("could not find '%s', please install it",
- CONFIG_SMBD_COMMAND);
+ error_setg(errp, "Could not find '%s', please install it",
+ CONFIG_SMBD_COMMAND);
return -1;
}
if (access(exported_dir, R_OK | X_OK)) {
- error_report("error accessing shared directory '%s': %s",
- exported_dir, strerror(errno));
+ error_setg(errp, "Error accessing shared directory '%s': %s",
+ exported_dir, strerror(errno));
return -1;
}
s->smb_dir = g_dir_make_tmp("qemu-smb.XXXXXX", NULL);
if (!s->smb_dir) {
- error_report("could not create samba server dir");
+ error_setg(errp, "Could not create samba server dir");
return -1;
}
smb_conf = g_strdup_printf("%s/%s", s->smb_dir, "smb.conf");
@@ -611,8 +655,9 @@ static int slirp_smb(SlirpState* s, const char *exported_dir,
f = fopen(smb_conf, "w");
if (!f) {
slirp_smb_cleanup(s);
- error_report("could not create samba server configuration file '%s'",
- smb_conf);
+ error_setg(errp,
+ "Could not create samba server configuration file '%s'",
+ smb_conf);
g_free(smb_conf);
return -1;
}
@@ -660,7 +705,7 @@ static int slirp_smb(SlirpState* s, const char *exported_dir,
slirp_add_exec(s->slirp, 0, smb_cmdline, &vserver_addr, 445) < 0) {
slirp_smb_cleanup(s);
g_free(smb_cmdline);
- error_report("conflicting/invalid smbserver address");
+ error_setg(errp, "Conflicting/invalid smbserver address");
return -1;
}
g_free(smb_cmdline);
@@ -678,8 +723,13 @@ int net_slirp_smb(const char *exported_dir)
}
legacy_smb_export = exported_dir;
if (!QTAILQ_EMPTY(&slirp_stacks)) {
- return slirp_smb(QTAILQ_FIRST(&slirp_stacks), exported_dir,
- vserver_addr);
+ Error *err = NULL;
+ int res = slirp_smb(QTAILQ_FIRST(&slirp_stacks), exported_dir,
+ vserver_addr, &err);
+ if (res < 0) {
+ error_report_err(err);
+ }
+ return res;
}
return 0;
}
@@ -706,7 +756,7 @@ static void guestfwd_read(void *opaque, const uint8_t *buf, int size)
}
static int slirp_guestfwd(SlirpState *s, const char *config_str,
- int legacy_format)
+ int legacy_format, Error **errp)
{
struct in_addr server = { .s_addr = 0 };
struct GuestFwd *fwd;
@@ -746,8 +796,8 @@ static int slirp_guestfwd(SlirpState *s, const char *config_str,
if ((strlen(p) > 4) && !strncmp(p, "cmd:", 4)) {
if (slirp_add_exec(s->slirp, 0, &p[4], &server, port) < 0) {
- error_report("conflicting/invalid host:port in guest forwarding "
- "rule '%s'", config_str);
+ error_setg(errp, "Conflicting/invalid host:port in guest "
+ "forwarding rule '%s'", config_str);
return -1;
}
} else {
@@ -755,21 +805,22 @@ static int slirp_guestfwd(SlirpState *s, const char *config_str,
Chardev *chr = qemu_chr_new(buf, p);
if (!chr) {
- error_report("could not open guest forwarding device '%s'", buf);
+ error_setg(errp, "Could not open guest forwarding device '%s'",
+ buf);
return -1;
}
fwd = g_new(struct GuestFwd, 1);
qemu_chr_fe_init(&fwd->hd, chr, &err);
if (err) {
- error_report_err(err);
+ error_propagate(errp, err);
g_free(fwd);
return -1;
}
if (slirp_add_exec(s->slirp, 3, &fwd->hd, &server, port) < 0) {
- error_report("conflicting/invalid host:port in guest forwarding "
- "rule '%s'", config_str);
+ error_setg(errp, "Conflicting/invalid host:port in guest "
+ "forwarding rule '%s'", config_str);
g_free(fwd);
return -1;
}
@@ -783,7 +834,7 @@ static int slirp_guestfwd(SlirpState *s, const char *config_str,
return 0;
fail_syntax:
- error_report("invalid guest forwarding rule '%s'", config_str);
+ error_setg(errp, "Invalid guest forwarding rule '%s'", config_str);
return -1;
}
@@ -845,7 +896,6 @@ static const char **slirp_dnssearch(const StringList *dnsname)
int net_init_slirp(const Netdev *netdev, const char *name,
NetClientState *peer, Error **errp)
{
- /* FIXME error_setg(errp, ...) on failure */
struct slirp_config_str *config;
char *vnet;
int ret;
@@ -882,7 +932,7 @@ int net_init_slirp(const Netdev *netdev, const char *name,
user->ipv6_host, user->hostname, user->tftp,
user->bootfile, user->dhcpstart,
user->dns, user->ipv6_dns, user->smb,
- user->smbserver, dnssearch);
+ user->smbserver, dnssearch, errp);
while (slirp_configs) {
config = slirp_configs;
@@ -919,7 +969,11 @@ int net_slirp_parse_legacy(QemuOptsList *opts_list, const char *optarg, int *ret
slirp_configs = config;
*ret = 0;
} else {
- *ret = slirp_guestfwd(QTAILQ_FIRST(&slirp_stacks), optarg, 1);
+ Error *err = NULL;
+ *ret = slirp_guestfwd(QTAILQ_FIRST(&slirp_stacks), optarg, 1, &err);
+ if (*ret < 0) {
+ error_report_err(err);
+ }
}
return 1;
diff --git a/slirp/bootp.c b/slirp/bootp.c
index 5a4646c..5dd1a41 100644
--- a/slirp/bootp.c
+++ b/slirp/bootp.c
@@ -123,6 +123,9 @@ static void dhcp_decode(const struct bootp_t *bp, int *pmsg_type,
if (p >= p_end)
break;
len = *p++;
+ if (p + len > p_end) {
+ break;
+ }
DPRINTF("dhcp: tag=%d len=%d\n", tag, len);
switch(tag) {