Re: [Libguestfs] [PATCH nbdkit v2] server: public: Add nbdkit_parse_* functions for safely parsing integers.
On 9/23/19 4:21 PM, Eric Blake wrote:
> else if (strcmp (key, "timeout") == 0) {
> - if (sscanf (value, "%ld", &timeout) != 1) {
> - nbdkit_error ("cannot parse timeout: %s", value);
> + if (nbdkit_parse_uint32_t ("timeout", value, &timeout) == -1)
> + return -1;
> + /* Because we have to cast it to long before calling the libssh API. */
> + if (timeout > LONG_MAX) {
> + nbdkit_error ("timeout too large");
C17 5.2.4.2.1 requires 'long' to be at least 32 bits. Ergo, (uint32_t)
timeout > LONG_MAX is always false. You could assert() rather than
trying to use nbdkit_error().
Whoops, I mixed signed v unsigned.
(int32_t)x > LONG_MAX is always false,
(uint32_t)x > ULONG_MAX is always false,
but
(uint32_t)x > LONG_MAX can be true. Keep the check as-is.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization: qemu.org | libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 488 bytes)