diff options
author | Markus Armbruster <armbru@redhat.com> | 2017-02-21 21:13:53 +0100 |
---|---|---|
committer | Markus Armbruster <armbru@redhat.com> | 2017-02-23 20:35:35 +0100 |
commit | 3403e5eb884f3a74c40fe7cccc103f848c040215 (patch) | |
tree | 1e3323f01f81d93c8f8de2dfe495f66a243b7c86 /util/qemu-option.c | |
parent | 4baef2679e029c76707be1e2ed54bf3dd21693fe (diff) |
option: Fix to reject invalid and overflowing numbers
parse_option_number() fails to check for these errors after
strtoull(). Has always been broken. Fix that.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1487708048-2131-10-git-send-email-armbru@redhat.com>
Diffstat (limited to 'util/qemu-option.c')
-rw-r--r-- | util/qemu-option.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/util/qemu-option.c b/util/qemu-option.c index 9708668847..273d00d485 100644 --- a/util/qemu-option.c +++ b/util/qemu-option.c @@ -141,11 +141,16 @@ static void parse_option_bool(const char *name, const char *value, bool *ret, static void parse_option_number(const char *name, const char *value, uint64_t *ret, Error **errp) { - char *postfix; uint64_t number; + int err; - number = strtoull(value, &postfix, 0); - if (*postfix != '\0') { + err = qemu_strtou64(value, NULL, 0, &number); + if (err == -ERANGE) { + error_setg(errp, "Value '%s' is too large for parameter '%s'", + value, name); + return; + } + if (err) { error_setg(errp, QERR_INVALID_PARAMETER_VALUE, name, "a number"); return; } |