Hi, same problem on my machine ... Comment #23 does not work for me. In
my VM log I found this line:
libusb_set_configuration: -6 [BUSY]
I'm running 14.04 (fresh install), QEMU 2.0.0. Any suggestions?
From: Jim Meyering
I've been auditing for unchecked uses of strdup.
Here are fixes for a few:
Jim Meyering (3):
envlist.c: handle strdup failure
scsi,pci,qdev,isa-bus,sysbus: don't let *_get_fw_dev_path return NULL
sparc: use g_strdup in place of unchecked strdup
envlist.c
From: Jim Meyering
Without this, envlist_to_environ may silently fail to copy all
strings into the destination buffer, and both callers would leak
any env strings allocated after a failing strdup, because the
freeing code stops at the first NULL pointer.
Signed-off-by: Jim Meyering
From: Jim Meyering
This avoids a NULL-deref upon strdup failure.
Also update matching free to g_free.
Signed-off-by: Jim Meyering
---
target-sparc/cpu.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/target-sparc/cpu.c b/target-sparc/cpu.c
index 7ac6bdb..1e31318
From: Jim Meyering
Use g_strdup rather than strdup, because the sole caller
(qdev_get_fw_dev_path_helper) assumes it gets non-NULL, and dereferences
it. Besides, in that caller, the allocated buffer is already freed with
g_free, so it's better to allocate with a matching g_strdup.
In one
Kevin Wolf wrote:
> Am 16.05.2012 15:07, schrieb Jim Meyering:
>> From: Jim Meyering
>>
>> Signed-off-by: Jim Meyering
>
> Acked-by: Kevin Wolf
Hi Kevin,
AFAICS, only one of these 6 patches has been applied.
From what I recall (it's been nearly 3mo), ther
Jim Meyering wrote:
> From: Jim Meyering
>
> Without this, envlist_to_environ may silently fail to copy all
> strings into the destination buffer, and both callers would leak
> any env strings allocated after a failing strdup, because the
> freeing code stops at the first NULL p
Jim Meyering wrote:
> From: Jim Meyering
>
> Following up on discussion here,
>
> http://marc.info/?t=13375948768&r=1&w=2
>
> here are patches to limit the scope of the remaining global variables.
> Most changes simply added a preceding "static".
Kevin Wolf wrote:
> Am 17.08.2012 15:30, schrieb Jim Meyering:
>> Kevin Wolf wrote:
>>> Am 16.05.2012 15:07, schrieb Jim Meyering:
>>>> From: Jim Meyering
>>>>
>>>> Signed-off-by: Jim Meyering
>>>
>>> Acked-by: Kevin
Andreas Färber wrote:
> Am 17.08.2012 15:35, schrieb Jim Meyering:
>> Jim Meyering wrote:
>>> From: Jim Meyering
>>>
>>> Without this, envlist_to_environ may silently fail to copy all
>>> strings into the destination buffer, and both callers wou
From: Jim Meyering
Differences from v3 (no semantic change):
- change 1/2 so this file conforms more closely to QEMU's coding style,
by adding braces around each one-line if body (there was no one-line
else- or while-block).
- move an indentation correction from 2/2 into 1/2
From: Jim Meyering
Convert each TAB(width-4) to equivalent spaces.
Put braces around each one-line if-body.
Signed-off-by: Jim Meyering
---
envlist.c | 268 --
1 file changed, 140 insertions(+), 128 deletions(-)
diff --git a
From: Jim Meyering
Without this, envlist_to_environ may silently fail to copy all
strings into the destination buffer, and both callers would leak
any env strings allocated after a failing strdup, because the
freeing code stops at the first NULL pointer.
Signed-off-by: Jim Meyering
Andreas Färber wrote:
> Am 22.05.2012 12:16, schrieb Jim Meyering:
>> From: Jim Meyering
>>
>> Without this, envlist_to_environ may silently fail to copy all
>> strings into the destination buffer, and both callers would leak
>> any env strings allocated af
From: Jim Meyering
Signed-off-by: Jim Meyering
---
qemu-ga.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/qemu-ga.c b/qemu-ga.c
index 8f87621..26671fe 100644
--- a/qemu-ga.c
+++ b/qemu-ga.c
@@ -247,6 +247,9 @@ static bool ga_open_pidfile(const char *pidfile)
pidfd = open
From: Jim Meyering
Also, use g_malloc to avoid NULL-deref upon OOM.
Signed-off-by: Jim Meyering
---
linux-user/syscall.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 41c869b..1174306 100644
--- a/linux-user/syscall.c
From: Jim Meyering
Hi Anthony,
I posted this series back in May, got some good feedback leading to a
pair of v2 patches. Since then one of the 6 patches was applied.
I'm calling this v3, but it is merely a trivial rebase of the v1 and v2
patches. Hoping it's not too late for 1.2, he
From: Jim Meyering
Always call unlock_user before returning.
Signed-off-by: Jim Meyering
---
target-arm/arm-semi.c | 13 +++--
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/target-arm/arm-semi.c b/target-arm/arm-semi.c
index 2495206..73bde58 100644
--- a/target-arm/arm
From: Jim Meyering
Signed-off-by: Jim Meyering
---
block/sheepdog.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/block/sheepdog.c b/block/sheepdog.c
index a04ad99..df4f441 100644
--- a/block/sheepdog.c
+++ b/block/sheepdog.c
@@ -485,6 +485,7 @@ static int connect_to_sdog(const char
From: Jim Meyering
Return NULL upon malloc failure.
Signed-off-by: Jim Meyering
---
softmmu-semi.h | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/softmmu-semi.h b/softmmu-semi.h
index 648cb95..bcb979a 100644
--- a/softmmu-semi.h
+++ b/softmmu-semi.h
@@ -40,7 +40,7
From: Jim Meyering
Actually do what the comment says, using pstrcpy NUL-terminate:
strncpy does not always do that.
Signed-off-by: Jim Meyering
---
hw/lm32_hwsetup.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/lm32_hwsetup.h b/hw/lm32_hwsetup.h
index 8fc285e
From: Jim Meyering
Also, use PATH_MAX, rather than the arbitrary 1024.
Using PATH_MAX is more consistent with other filename-related
variables in this file, like backing_filename and tmp_filename.
Acked-by: Kevin Wolf
Signed-off-by: Jim Meyering
---
block.c | 5 +++--
1 file changed, 3
From: Jim Meyering
Don't bother with strncpy. There's no need for its zero-fill.
Use g_strndup in place of g_malloc+strncpy+NUL-terminate.
Signed-off-by: Jim Meyering
---
ui/vnc-auth-sasl.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/ui/vnc-auth-sasl.
From: Jim Meyering
v9fs_add_dir_node and qemu_v9fs_synth_add_file used strncpy
to form node->name, which requires NUL-termination, but
strncpy does not ensure NUL-termination.
Use pstrcpy, which does.
Acked-by: Aneesh Kumar K.V
Signed-off-by: Jim Meyering
---
hw/9pfs/virtio-9p-synth.c
From: Jim Meyering
Acked-by: Kevin Wolf
Signed-off-by: Jim Meyering
---
block/qcow2.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/block/qcow2.c b/block/qcow2.c
index aa5e603..c1ff31f 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -1096,6 +1096,7 @@ int qcow2_update_header
From: Jim Meyering
NUL-termination of the .ifr_name field is not required, but is fine
(and preferable to using strncpy and leaving the reader to wonder),
since the first thing the linux kernel does is to clear the last byte.
Besides, using pstrcpy here makes this setting of ifr_name consistent
From: Jim Meyering
Don't use strncpy when the source string is known to fit
in the destination buffer. Use equivalent memcpy.
We could even use strcpy, here, but some static analyzers
warn about that, so don't add new uses.
Acked-by: David Gibson
Signed-off-by: Jim Meyerin
From: Jim Meyering
Adjust all uses s/strzcpy/strncpy/ and mark these uses
of strncpy as "ok".
Signed-off-by: Jim Meyering
---
hw/acpi.c | 24
1 file changed, 8 insertions(+), 16 deletions(-)
diff --git a/hw/acpi.c b/hw/acpi.c
index f7950be..f4aca49 10064
From: Jim Meyering
In all of these cases, the uses of strncpy were unnecessary, since
at each point of use we know that the NUL-terminated source bytes
fit in the destination buffer. Use memcpy in place of strncpy.
Acked-by: Aneesh Kumar K.V
Signed-off-by: Jim Meyering
---
hw/9pfs/virtio-9p
Peter Maydell wrote:
> On 4 October 2012 12:09, Jim Meyering wrote:
>> From: Jim Meyering
>>
>> Don't bother with strncpy. There's no need for its zero-fill.
>> Use g_strndup in place of g_malloc+strncpy+NUL-terminate.
>>
>> Signed-off-by
From: Jim Meyering
Replace strncpy+NUL-terminate use with use of pstrcpy.
This requires linking with cutils.o (or else vssclient doesn't link),
so add that in the Makefile.
Acked-by: Alon Levy
Signed-off-by: Jim Meyering
---
libcacard/Makefile | 3 +++
libcacard/vcard_emul_nss.
From: Jim Meyering
In bt_hci_name_req a failed snprintf could return len larger than
sizeof(params.name), which means the following memset call would
have a "length" value of (size_t)-1, -2, etc... Sounds scary.
But currently, one can deduce that there is no problem:
strlen(slave->
From: Jim Meyering
This avoids a NULL-deref upon strdup failure.
Also update matching free to g_free.
Signed-off-by: Jim Meyering
---
target-sparc/cpu.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/target-sparc/cpu.c b/target-sparc/cpu.c
index f7c004c..eb9f0e7
From: Jim Meyering
Remove two uses of strdup (use g_path_get_basename instead),
and add a comment that this strncpy use is ok.
Reviewed-by: Peter Maydell
Signed-off-by: Jim Meyering
---
linux-user/elfload.c | 12 +++-
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a
From: Jim Meyering
I included a quick classification of these change sets for the original series,
(see https://lists.gnu.org/archive/html/qemu-devel/2012-05/msg01151.html)
rebased in late May but perhaps the release-related timing was off.
I've rebased one last time to prepare this v3 s
From: Jim Meyering
A terminal NUL is required by caller's use of strchr.
It's better not to use strncpy at all, since there is no need
to zero out hundreds of trailing bytes for each iteration.
Signed-off-by: Jim Meyering
---
target-ppc/kvm.c | 2 +-
1 file changed, 1 insertion(+),
From: Jim Meyering
Avoid strncpy+manual-NUL-terminate. Use pstrcpy instead.
Acked-by: Kevin Wolf
Signed-off-by: Jim Meyering
---
block/vmdk.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/block/vmdk.c b/block/vmdk.c
index f2e861b..1a80e5a 100644
--- a/block/vmdk.c
From: Jim Meyering
Use g_strdup rather than strdup, because the sole caller
(qdev_get_fw_dev_path_helper) assumes it gets non-NULL, and dereferences
it. Besides, in that caller, the allocated buffer is already freed with
g_free, so it's better to allocate with a matching g_strdup.
In one
From: Jim Meyering
Reword the section on strncpy: its NUL-filling is important
in some cases. Mention that pstrcpy's signature is different.
Signed-off-by: Jim Meyering
---
HACKING | 9 +
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/HACKING b/HACKING
index 47
From: Jim Meyering
os_set_proc_name: Use pstrcpy, in place of strncpy and the
ineffectual preceding assignment: name[sizeof(name) - 1] = 0;
Signed-off-by: Jim Meyering
---
os-posix.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/os-posix.c b/os-posix.c
index eabccb8
From: Jim Meyering
* parse_vdiname: Use pstrcpy, not strncpy, when the destination
buffer must be NUL-terminated.
* sd_open: Likewise, avoid buffer overrun.
* do_sd_create: Likewise. Leave the preceding memset, since
pstrcpy does not NUL-fill, and filename needs that.
* sd_snapshot_create: Add
From: Jim Meyering
Signed-off-by: Jim Meyering
---
hw/r2d.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/hw/r2d.c b/hw/r2d.c
index 0f16e81..1bc191f 100644
--- a/hw/r2d.c
+++ b/hw/r2d.c
@@ -332,6 +332,8 @@ static void r2d_init(ram_addr_t ram_size,
}
if (kernel_cmdline
Eric Blake wrote:
> On 08/03/2011 08:37 AM, Jim Fehlig wrote:
>> http://lists.nongnu.org/archive/html/qemu-devel/2011-02/msg01156.html
>>
>> I thought there were more discussions on the topic but can only find the
>> above thread ATM.
>>
>> Do folks here have
-2652.
http://bugzilla.redhat.com/CVE-2012-2652
Signed-off-by: Jim Meyering
---
Note that I haven't tried to see if the _WIN32 -GetLastError() return
value is properly diagnosed as it is propagated up the call stack.
block.c | 37 -
block/vvfat.c
Anthony Liguori wrote:
> On 05/09/2012 10:12 PM, Jim Meyering wrote:
>> Peter Maydell wrote:
>>> On 9 May 2012 15:01, Jim Meyering wrote:
>>>> From 402100deb7e27b1d7ac619ebac963f861fae91b0 Mon Sep 17 00:00:00 2001
>>>> From: Jim Meyering
>>>
From: Jim Meyering
Also, use PATH_MAX, rather than the arbitrary 1024.
Using PATH_MAX is more consistent with other filename-related
variables in this file, like backing_filename and tmp_filename.
Acked-by: Kevin Wolf
Signed-off-by: Jim Meyering
---
block.c | 5 +++--
1 file changed, 3
From: Jim Meyering
Signed-off-by: Jim Meyering
---
hw/r2d.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/hw/r2d.c b/hw/r2d.c
index c55de01..ed841c5 100644
--- a/hw/r2d.c
+++ b/hw/r2d.c
@@ -328,6 +328,8 @@ static void r2d_init(ram_addr_t ram_size,
}
if (kernel_cmdline
Anthony Liguori wrote:
> On 05/30/2012 03:12 PM, Jim Meyering wrote:
>> Anthony Liguori wrote:
>>> On 05/09/2012 10:12 PM, Jim Meyering wrote:
>>>> Peter Maydell wrote:
>>>>> On 9 May 2012 15:01, Jim Meyering wrote:
>>>>>>From 40
From: Jim Meyering
A terminal NUL is required by caller's use of strchr.
It's better not to use strncpy at all, since there is no need
to zero out hundreds of trailing bytes for each iteration.
Signed-off-by: Jim Meyering
---
target-ppc/kvm.c | 2 +-
1 file changed, 1 insertion(+),
From: Jim Meyering
This avoids a NULL-deref upon strdup failure.
Also update matching free to g_free.
Signed-off-by: Jim Meyering
---
target-sparc/cpu.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/target-sparc/cpu.c b/target-sparc/cpu.c
index 7ac6bdb..1e31318
From: Jim Meyering
In bt_hci_name_req a failed snprintf could return len larger than
sizeof(params.name), which means the following memset call would
have a "length" value of (size_t)-1, -2, etc... Sounds scary.
But currently, one can deduce that there is no problem:
strlen(slave->
From: Jim Meyering
Don't use strncpy when the source string is known to fit
in the destination buffer. Use equivalent memcpy.
We could even use strcpy, here, but some static analyzers
warn about that, so don't add new uses.
Acked-by: David Gibson
Signed-off-by: Jim Meyerin
From: Jim Meyering
In all of these cases, the uses of strncpy were unnecessary, since
at each point of use we know that the NUL-terminated source bytes
fit in the destination buffer. Use memcpy in place of strncpy.
Acked-by: Aneesh Kumar K.V
Signed-off-by: Jim Meyering
---
hw/9pfs/virtio-9p
From: Jim Meyering
NUL-termination of the .ifr_name field is not required, but is fine
(and preferable to using strncpy and leaving the reader to wonder),
since the first thing the linux kernel does is to clear the last byte.
Besides, using pstrcpy here makes this setting of ifr_name consistent
From: Jim Meyering
* parse_vdiname: Use pstrcpy, not strncpy, when the destination
buffer must be NUL-terminated.
* sd_open: Likewise, avoid buffer overrun.
* do_sd_create: Likewise. Leave the preceding memset, since
pstrcpy does not NUL-fill, and filename needs that.
* sd_snapshot_create: Add
From: Jim Meyering
Use g_strdup rather than strdup, because the sole caller
(qdev_get_fw_dev_path_helper) assumes it gets non-NULL, and dereferences
it. Besides, in that caller, the allocated buffer is already freed with
g_free, so it's better to allocate with a matching g_strdup.
In one
From: Jim Meyering
Acked-by: Kevin Wolf
Signed-off-by: Jim Meyering
---
block/qcow2.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/block/qcow2.c b/block/qcow2.c
index c2e49cd..6d34f1a 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -994,6 +994,7 @@ int qcow2_update_header
From: Jim Meyering
v9fs_add_dir_node and qemu_v9fs_synth_add_file used strncpy
to form node->name, which requires NUL-termination, but
strncpy does not ensure NUL-termination.
Use pstrcpy, which does.
Acked-by: Aneesh Kumar K.V
Signed-off-by: Jim Meyering
---
hw/9pfs/virtio-9p-synth.c
From: Jim Meyering
Reword the section on strncpy: its NUL-filling is important
in some cases. Mention that pstrcpy's signature is different.
Signed-off-by: Jim Meyering
---
HACKING | 9 +
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/HACKING b/HACKING
index 47
From: Jim Meyering
os_set_proc_name: Use pstrcpy, in place of strncpy and the
ineffectual preceding assignment: name[sizeof(name) - 1] = 0;
Signed-off-by: Jim Meyering
---
os-posix.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/os-posix.c b/os-posix.c
index daf3d6f
From: Jim Meyering
Use pstrcpy rather than strncpy in one more case
(in cpudef_setfield). This makes our handling of ->model_id
consistent with another pstrcpy-vs-model_id use below.
Signed-off-by: Jim Meyering
---
target-i386/cpu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
d
From: Jim Meyering
Don't bother with strncpy. There's no need for its zero-fill.
Use g_strndup in place of g_malloc+strncpy+NUL-terminate.
Signed-off-by: Jim Meyering
---
ui/vnc-auth-sasl.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/ui/vnc-auth-sasl.
From: Jim Meyering
Signed-off-by: Jim Meyering
---
hw/scsi-bus.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/scsi-bus.c b/hw/scsi-bus.c
index 3edda28..98170c3 100644
--- a/hw/scsi-bus.c
+++ b/hw/scsi-bus.c
@@ -406,6 +406,7 @@ static bool scsi_target_emulate_inquiry(SCSITargetReq *r
From: Jim Meyering
Adjust all uses s/strzcpy/strncpy/ and mark these uses
of strncpy as "ok".
Signed-off-by: Jim Meyering
---
hw/acpi.c | 24
1 file changed, 8 insertions(+), 16 deletions(-)
diff --git a/hw/acpi.c b/hw/acpi.c
index 5d521e5..45ab345 10064
From: Jim Meyering
Remove two uses of strdup (use g_path_get_basename instead),
and add a comment that this strncpy use is ok.
Reviewed-by: Peter Maydell
Signed-off-by: Jim Meyering
---
linux-user/elfload.c | 12 +++-
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a
From: Jim Meyering
Replace strncpy+NUL-terminate use with use of pstrcpy.
This requires linking with cutils.o (or else vssclient doesn't link),
so add that in the Makefile.
Acked-by: Alon Levy
Signed-off-by: Jim Meyering
---
libcacard/Makefile | 2 +-
libcacard/vcard_emul_nss.
From: Jim Meyering
Avoid strncpy+manual-NUL-terminate. Use pstrcpy instead.
Acked-by: Kevin Wolf
Signed-off-by: Jim Meyering
---
block/vmdk.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/block/vmdk.c b/block/vmdk.c
index 18e9b4c..bfd7357 100644
--- a/block/vmdk.c
From: Jim Meyering
Given qemu's HACKING comments, I'm sure many here have read "man strncpy",
where it indicates it is often not the best function to use.
However, many of the uses of strncpy in qemu mistakenly fail to ensure
that the destination buffer is NUL-terminated.
From: Jim Meyering
Actually do what the comment says, using pstrcpy NUL-terminate:
strncpy does not always do that.
Signed-off-by: Jim Meyering
---
hw/lm32_hwsetup.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/lm32_hwsetup.h b/hw/lm32_hwsetup.h
index 8fc285e
Stefan Weil wrote:
> Am 30.05.2012 09:46, schrieb Jim Meyering:
>> From: Jim Meyering
>>
>> Also, use PATH_MAX, rather than the arbitrary 1024.
>> Using PATH_MAX is more consistent with other filename-related
>> variables in this file, like backing_filename and tm
\e]10;?\e\\' and '\e]11;?\e\\' will report the colors, e.g.:
#!/bin/bash
read -s -r -d \\ -p `printf '\e]10;?\e\\'` -t 1 fg
[ $? -ne 0 ] && fg="no response"
echo "foreground: $fg" | cat -v
read -s -r -d \\ -p `printf '\e]11;?\e\\'` -t 1 bg
[ $? -ne 0 ] && bg="no response"
echo "background: $bg" | cat -v
-jim
66 83 07 02 c3 90 8b 37 f0 66 83 07 02 47
02 01 74 f1 55 48 89 e5 e8 fd 2c ff ff 5d c3 0f 1f 84 00
Does anyone have any quick thoughts on what the issue could be, or any
advice on how to get further appropriate debugging information to help
get to the bottom of it?
Thanks,
Jim
Hi again, thanks for replying,
On 03/02/16 23:19, Paolo Bonzini wrote:
On 03/02/2016 22:46, Jim Minter wrote:
I am hitting the following VM lockup issue running a VM with latest
RHEL7 kernel on a host also running latest RHEL7 kernel. FWIW I'm using
virtio-scsi because I want to use di
FWIW, I've now done:
echo 300 >/sys/block/sda/device/timeout
Not entirely sure whether it would help or not, but so far I haven't had
a recurrence.
Cheers,
Jim
--
Jim Minter
Principal Solution Architect, Red Hat UK
e: jmin...@redhat.com
m: +44 (0)7906 098697
cal:
https://w
ing to the QEMU version shipped with RHEV
(qemu-kvm-rhev-2.3.0-31.el7_2.7) to see if that helps - so far so good.
My best guess is that there's a missing bugfix in the RHEL 7 qemu
1.5.3 codebase, but which is fixed upstream and in the RHEV QEMU release.
Cheers,
Jim
On 04/02/16 13:41, Jim
From: Jim Meyering
v9fs_add_dir_node and qemu_v9fs_synth_add_file used strncpy
to form node->name, which requires NUL-termination, but
strncpy does not ensure NUL-termination.
Use pstrcpy, which does.
Signed-off-by: Jim Meyering
---
hw/9pfs/virtio-9p-synth.c | 4 ++--
1 file changed
From: Jim Meyering
A terminal NUL is required by caller's use of strchr.
It's better not to use strncpy at all, since there is no need
to zero out hundreds of trailing bytes for each iteration.
Signed-off-by: Jim Meyering
---
target-ppc/kvm.c | 2 +-
1 file changed, 1 insertion(+),
From: Jim Meyering
Adjust all uses s/strzcpy/strncpy/ and mark these uses
of strncpy as "ok".
Signed-off-by: Jim Meyering
---
hw/acpi.c | 24
1 file changed, 8 insertions(+), 16 deletions(-)
diff --git a/hw/acpi.c b/hw/acpi.c
index 5d521e5..45ab345 10064
From: Jim Meyering
Don't bother with strncpy. There's no need for its zero-fill.
Use g_strndup in place of g_malloc+strncpy+NUL-terminate.
Signed-off-by: Jim Meyering
---
ui/vnc-auth-sasl.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/ui/vnc-auth-sasl.
Peter Maydell wrote:
> On 9 May 2012 10:23, Jim Meyering wrote:
>> From: Jim Meyering
>>
>> Remove unnecessary and unchecked uses of strdup,
>> and add a comment that this strncpy use is ok.
>>
>> Signed-off-by: Jim Meyering
>> ---
>> linux-u
From: Jim Meyering
os_set_proc_name: Use pstrcpy, in place of strncpy and the
ineffectual preceding assignment: name[sizeof(name) - 1] = 0;
Signed-off-by: Jim Meyering
---
os-posix.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/os-posix.c b/os-posix.c
index daf3d6f
From: Jim Meyering
strncpy does not guarantee NUL-termination.
Setting dest[n-1] = '\0' *before* calling strncpy(dest, src, n-1)
is a no-op. Use pstrcpy to ensure NUL-termination, not strncpy.
Signed-off-by: Jim Meyering
---
block/vmdk.c | 3 +--
1 file changed, 1 insertion(+), 2
From: Jim Meyering
Also, use PATH_MAX, rather than the arbitrary 1024.
Using PATH_MAX is more consistent with other filename-related
variables in this file, like backing_filename and tmp_filename.
Signed-off-by: Jim Meyering
---
block.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions
From: Jim Meyering
Replace strncpy+NUL-terminate use with use of pstrcpy.
This requires linking with cutils.o (or else vssclient doesn't link),
so add that in the Makefile.
Signed-off-by: Jim Meyering
---
libcacard/Makefile | 2 +-
libcacard/vcard_emul_nss.c | 3 +--
2 files ch
Peter Maydell wrote:
> On 9 May 2012 14:42, Jim Meyering wrote:
>> From 5dce6a052cdc2a45ada3e3e96a8c3ef4e90f Mon Sep 17 00:00:00 2001
>> From: Jim Meyering
>> Date: Mon, 7 May 2012 18:34:26 +0200
>> Subject: [PATCH] linux-user: remove two unchecked uses of strd
Kevin Wolf wrote:
> Am 09.05.2012 11:23, schrieb Jim Meyering:
>> From: Jim Meyering
>>
>> strncpy does not guarantee NUL-termination.
>> Setting dest[n-1] = '\0' *before* calling strncpy(dest, src, n-1)
>> is a no-op. Use pstrcpy to ensure NUL-termi
From: Jim Meyering
Remove unnecessary and unchecked uses of strdup,
and add a comment that this strncpy use is ok.
Signed-off-by: Jim Meyering
---
linux-user/elfload.c | 10 ++
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
Peter Maydell wrote:
> On 9 May 2012 15:01, Jim Meyering wrote:
>> From 402100deb7e27b1d7ac619ebac963f861fae91b0 Mon Sep 17 00:00:00 2001
>> From: Jim Meyering
>> Date: Mon, 7 May 2012 18:34:26 +0200
>> Subject: [PATCH] linux-user: remove two unchecked uses of strd
Peter Maydell wrote:
> On 9 May 2012 10:24, Jim Meyering wrote:
>> From: Jim Meyering
>>
>> Adjust all uses s/strzcpy/strncpy/ and mark these uses
>> of strncpy as "ok".
>
> Note that this will conflict with Paolo's patch
> http://patchwor
Aneesh Kumar K.V wrote:
> Jim Meyering writes:
>
>> From: Jim Meyering
>>
>> The use of strncpy in pt_listxattr is unnecessary, since we
>> know that the NUL-terminated source bytes fit in the destination
>> buffer. Use memcpy in place of strncpy.
>>
From: Jim Meyering
Signed-off-by: Jim Meyering
---
block/qcow2.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/block/qcow2.c b/block/qcow2.c
index 8c60a6f..abc985e 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -990,6 +990,7 @@ int qcow2_update_header(BlockDriverState *bs
From: Jim Meyering
Don't use strncpy when the source string is known to fit
in the destination buffer. Use equivalent memcpy.
We could even use strcpy, here, but some static analyzers
warn about that, so don't add new uses.
Signed-off-by: Jim Meyering
---
hw/spapr_vscsi.c | 2
From: Jim Meyering
In both mp_pacl_listxattr and mp_dacl_listxattr, the uses of strncpy
were unnecessary, since at each point of use we know that the
NUL-terminated source bytes fit in the destination buffer.
Use memcpy in place of strncpy.
Signed-off-by: Jim Meyering
---
hw/9pfs/virtio-9p
From: Jim Meyering
NUL-termination of the .ifr_name field is not required, but is fine
(and preferable to using strncpy and leaving the reader to wonder),
since the first thing the linux kernel does is to clear the last byte.
Besides, using pstrcpy here makes this setting of ifr_name consistent
From: Jim Meyering
The use of strncpy in pt_listxattr is unnecessary, since we
know that the NUL-terminated source bytes fit in the destination
buffer. Use memcpy in place of strncpy.
Signed-off-by: Jim Meyering
---
hw/9pfs/virtio-9p-xattr.c | 3 ++-
1 file changed, 2 insertions(+), 1
From: Jim Meyering
The use of strncpy in mp_user_listxattr is unnecessary, since we
know that the NUL-terminated source bytes fit in the destination
buffer. Use memcpy in place of strncpy.
Signed-off-by: Jim Meyering
---
hw/9pfs/virtio-9p-xattr-user.c | 3 ++-
1 file changed, 2 insertions
From: Jim Meyering
* parse_vdiname: Use pstrcpy, not strncpy, when the destination
buffer must be NUL-terminated.
* sd_open: Likewise, avoid buffer overrun.
* do_sd_create: Likewise. Leave the preceding memset, since
pstrcpy does not NUL-fill, and filename needs that.
* sd_snapshot_create: Add
From: Jim Meyering
In bt_hci_name_req a failed snprintf could return len larger than
sizeof(params.name), which means the following memset call would
have a "length" value of (size_t)-1, -2, etc... Sounds scary.
But currently, one can deduce that there is no problem:
strlen(slave->
Alexander Graf wrote:
> Hrm :)
That appears to be due to scripts/get_maintainer.pl not sanitizing
its output addresses. E.g., using my 06/22 patch, I get this bogus Cc:
$ scripts/get_maintainer.pl 0006-*|grep open
qemu-devel@nongnu.org (open list:POSIX)
> Original Message -
Peter Maydell wrote:
> Signed-off-by: Peter Maydell
> ---
> NB: might trivially textually conflict with Jim Meyering's
> strncpy fix here. (I spotted this typo in the context lines
> for his patch...)
>
> qga/commands-posix.c |2 +-
> 1 files changed, 1 insertion