On 03/11/2018 03:12 PM, Nia Alarie wrote:
Signed-off-by: Nia Alarie <nia.ala...@gmail.com>
---
hw/9pfs/9p.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
} else if (perm & P9_STAT_MODE_LINK) {
- int32_t ofid = atoi(extension.data);
- V9fsFidState *ofidp = get_fid(pdu, ofid);
+ long ofid;
+ V9fsFidState *ofidp;
+
+ if (qemu_strtol(extension.data, NULL, 10, &ofid) ||
+ ofid > INT32_MAX || ofid < INT32_MIN) {
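Review bot: the switch from atoi() to qemu_strtol(extension.data, NULL, 10, &ofid) in the first added condition changes which link-target strings are accepted, and the commit message (only a Signed-off-by line) does not say so. With a NULL end pointer, qemu_strtol fails on an empty string or on trailing characters, where atoi() returned 0 or the leading digits. Please describe that and the motivation in the commit message. Separately, on hosts where long is 32 bits the range test `ofid > INT32_MAX || ofid < INT32_MIN` is always false. That is harmless because qemu_strtol reports overflow itself, but a one-line comment there would save the next reader the question.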
Dan has a pending patch that will add qemu_strtoi, which might be a
nicer fit for this situation:
https://lists.gnu.org/archive/html/qemu-devel/2018-02/msg00952.html
int32_t is not necessarily int, but all platforms that compile qemu have
'int32_t' and 'int' both at 32 bits, so it's simpler to change to 'int
ofid' and use Dan's function than it is to parse to long and then do
bounds checking. Except that Dan still needs to post an updated version
of his patch...
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org