From: Laszlo Ersek <lersek@redhat.com>
To: qemu-devel@nongnu.org, lersek@redhat.com
Cc: Marcel Apfelbaum <marcel@redhat.com>,
Markus Armbruster <armbru@redhat.com>,
"Michael S. Tsirkin" <mst@redhat.com>
Subject: [Qemu-devel] [PATCH v6 5/7] hw/core: rebase sysbus_get_fw_dev_path() to g_strdup_printf()
Date: Wed, 17 Jun 2015 14:45:03 +0200 [thread overview]
Message-ID: <1434545105-5811-6-git-send-email-lersek@redhat.com> (raw)
In-Reply-To: <1434545105-5811-1-git-send-email-lersek@redhat.com>
This is done mainly for improving readability, and in preparation for the
next patch, but Markus pointed out another bonus for the string being
returned:
"No arbitrary length limit. Before the patch, it's 39 characters, and the
code breaks catastrophically when qdev_fw_name() is longer: the second
snprintf() is called with its first argument pointing beyond path[], and
its second argument underflowing to a huge size."
Cc: Markus Armbruster <armbru@redhat.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
---
Notes:
v6:
- no changes
v5:
- separate "%s@" from TARGET_FMT_plx with a space [Markus]
- copied Markus's note about "no arbitrary length limit" on the retval
into the commit message
v4:
- unchanged
v3:
- new in v3
hw/core/sysbus.c | 16 ++++++----------
1 file changed, 6 insertions(+), 10 deletions(-)
diff --git a/hw/core/sysbus.c b/hw/core/sysbus.c
index b53c351..92eced9 100644
--- a/hw/core/sysbus.c
+++ b/hw/core/sysbus.c
@@ -281,19 +281,15 @@ static void sysbus_dev_print(Monitor *mon, DeviceState *dev, int indent)
static char *sysbus_get_fw_dev_path(DeviceState *dev)
{
SysBusDevice *s = SYS_BUS_DEVICE(dev);
- char path[40];
- int off;
-
- off = snprintf(path, sizeof(path), "%s", qdev_fw_name(dev));
if (s->num_mmio) {
- snprintf(path + off, sizeof(path) - off, "@"TARGET_FMT_plx,
- s->mmio[0].addr);
- } else if (s->num_pio) {
- snprintf(path + off, sizeof(path) - off, "@i%04x", s->pio[0]);
+ return g_strdup_printf("%s@" TARGET_FMT_plx, qdev_fw_name(dev),
+ s->mmio[0].addr);
}
-
- return g_strdup(path);
+ if (s->num_pio) {
+ return g_strdup_printf("%s@i%04x", qdev_fw_name(dev), s->pio[0]);
+ }
+ return g_strdup(qdev_fw_name(dev));
}
void sysbus_add_io(SysBusDevice *dev, hwaddr addr,
--
1.8.3.1
next prev parent reply other threads:[~2015-06-17 12:45 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-06-17 12:44 [Qemu-devel] [PATCH v6 0/7] PXB changes Laszlo Ersek
2015-06-17 12:44 ` [Qemu-devel] [PATCH v6 1/7] migration: introduce VMSTATE_BUFFER_UNSAFE_INFO_TEST() Laszlo Ersek
2015-06-17 12:45 ` [Qemu-devel] [PATCH v6 2/7] hw/pci-bridge: expose _test parameter in SHPC_VMSTATE() Laszlo Ersek
2015-06-17 12:45 ` [Qemu-devel] [PATCH v6 3/7] hw/pci-bridge: introduce "hotplug" property Laszlo Ersek
2015-06-17 13:42 ` Michael S. Tsirkin
2015-06-17 13:55 ` Laszlo Ersek
2015-06-17 14:02 ` Michael S. Tsirkin
2015-06-17 14:15 ` Laszlo Ersek
2015-06-17 19:54 ` Marcel Apfelbaum
2015-06-18 13:47 ` Paolo Bonzini
2015-06-18 14:44 ` Michael S. Tsirkin
2015-06-17 12:45 ` [Qemu-devel] [PATCH v6 4/7] hw/pci-bridge: disable hotplug in PXB Laszlo Ersek
2015-06-17 13:45 ` Michael S. Tsirkin
2015-06-17 19:52 ` Marcel Apfelbaum
2015-06-17 12:45 ` Laszlo Ersek [this message]
2015-06-17 13:46 ` [Qemu-devel] [PATCH v6 5/7] hw/core: rebase sysbus_get_fw_dev_path() to g_strdup_printf() Michael S. Tsirkin
2015-06-17 13:56 ` Laszlo Ersek
2015-06-17 12:45 ` [Qemu-devel] [PATCH v6 6/7] hw/core: explicit OFW unit address callback for SysBusDeviceClass Laszlo Ersek
2015-06-17 12:45 ` [Qemu-devel] [PATCH v6 7/7] hw/pci-bridge: format SeaBIOS-compliant OFW device node for PXB Laszlo Ersek
2015-06-17 13:57 ` Michael S. Tsirkin
2015-06-17 14:00 ` Laszlo Ersek
2015-06-17 14:03 ` Michael S. Tsirkin
2015-06-17 14:18 ` Kevin O'Connor
2015-06-17 14:45 ` Laszlo Ersek
2015-06-17 15:05 ` Michael S. Tsirkin
2015-06-17 18:16 ` Laszlo Ersek
2015-06-17 18:54 ` Michael S. Tsirkin
2015-06-17 19:15 ` Laszlo Ersek
2015-06-17 19:28 ` Kevin O'Connor
2015-06-17 19:32 ` Michael S. Tsirkin
2015-06-17 19:44 ` Laszlo Ersek
2015-06-17 21:50 ` Michael S. Tsirkin
2015-06-18 13:22 ` Laszlo Ersek
2015-06-18 13:40 ` Michael S. Tsirkin
2015-06-18 15:42 ` Laszlo Ersek
2015-06-17 19:09 ` Kevin O'Connor
2015-06-17 19:21 ` Michael S. Tsirkin
2015-06-17 19:35 ` Laszlo Ersek
2015-06-17 21:49 ` Michael S. Tsirkin
2015-06-18 13:18 ` Laszlo Ersek
2015-06-17 19:38 ` Kevin O'Connor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1434545105-5811-6-git-send-email-lersek@redhat.com \
--to=lersek@redhat.com \
--cc=armbru@redhat.com \
--cc=marcel@redhat.com \
--cc=mst@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.