[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH] xl: tighten parsing of "irq" and "iomem" list elements



While "ioport" list element parsing already validates that the entire
input string got consumed, its two siblings so far didn't.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>

--- a/tools/libxl/xl_cmdimpl.c
+++ b/tools/libxl/xl_cmdimpl.c
@@ -1730,7 +1730,7 @@ static void parse_config_data(const char
                 exit(1);
             }
             ul = strtoul(buf, &ep, 10);
-            if (ep == buf) {
+            if (ep == buf || *ep != '\0') {
                 fprintf(stderr,
                         "xl: Invalid argument parsing irq: %s\n", buf);
                 exit(1);
@@ -1752,6 +1752,8 @@ static void parse_config_data(const char
             exit(-1);
         }
         for (i = 0; i < num_iomem; i++) {
+            int used;
+
             buf = xlu_cfg_get_listitem (iomem, i);
             if (!buf) {
                 fprintf(stderr,
@@ -1759,11 +1761,11 @@ static void parse_config_data(const char
                 exit(1);
             }
             libxl_iomem_range_init(&b_info->iomem[i]);
-            ret = sscanf(buf, "%" SCNx64",%" SCNx64"@%" SCNx64,
+            ret = sscanf(buf, "%" SCNx64",%" SCNx64"%n@%" SCNx64"%n",
                          &b_info->iomem[i].start,
-                         &b_info->iomem[i].number,
-                         &b_info->iomem[i].gfn);
-            if (ret < 2) {
+                         &b_info->iomem[i].number, &used,
+                         &b_info->iomem[i].gfn, &used);
+            if (ret < 2 || buf[used] != '\0') {
                 fprintf(stderr,
                         "xl: Invalid argument parsing iomem: %s\n", buf);
                 exit(1);



Attachment: xl-irq-iomem-parse.patch
Description: Text document

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.