qemu-img: Tighten parsing of size arguments

strtosz_suffix() fails unless the size is followed by 0, whitespace or
','.  Useless here, because we need to fail for any junk following the
size, even if it starts with whitespace or ','.  Check manually.
Things like "qemu-img create xxx 1024," and "qemu-img convert -S '1024
junk'" are now caught.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

1 files changed, 6 insertions, 4 deletions

diff --git a/qemu-img.c b/qemu-img.c
index 86127f0b11..8bdae66490 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -332,8 +332,9 @@ static int img_create(int argc, char **argv)
     /* Get image size, if specified */
     if (optind < argc) {
         int64_t sval;
-        sval = strtosz_suffix(argv[optind++], NULL, STRTOSZ_DEFSUFFIX_B);
-        if (sval < 0) {
+        char *end;
+        sval = strtosz_suffix(argv[optind++], &end, STRTOSZ_DEFSUFFIX_B);
+        if (sval < 0 || *end) {
             error_report("Invalid image size specified! You may use k, M, G or "
                   "T suffixes for ");
             error_report("kilobytes, megabytes, gigabytes and terabytes.");
@@ -710,8 +711,9 @@ static int img_convert(int argc, char **argv)
         case 'S':
         {
             int64_t sval;
-            sval = strtosz_suffix(optarg, NULL, STRTOSZ_DEFSUFFIX_B);
-            if (sval < 0) {
+            char *end;
+            sval = strtosz_suffix(optarg, &end, STRTOSZ_DEFSUFFIX_B);
+            if (sval < 0 || *end) {
                 error_report("Invalid minimum zero buffer size for sparse output specified");
                 return 1;
             }