Re: [PATCH 2/3] tests: Don't pass INT_MAX to virFileReadAll()

Peter Krempa <pkrempa@xxxxxxxxxx> · Mon, 14 Jun 2021 13:35:56 +0200

On Mon, Jun 14, 2021 at 13:06:13 +0200, Michal Privoznik wrote:
> In a few occasions in tests we pass INT_MAX to
> virFileReadLimFD(). This is not safe because virFileReadAll()
> will call virFileReadLimFD() under the hood which takes the limit
> and adds 1 to it. And since we use signed integer for all of this
> an overflow will occur.
> 
> Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
> ---
>  tests/networkxml2firewalltest.c | 2 +-
>  tests/testutils.c               | 4 ++--
>  2 files changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/tests/networkxml2firewalltest.c b/tests/networkxml2firewalltest.c
> index 91336a0c55..facbc20a0c 100644
> --- a/tests/networkxml2firewalltest.c
> +++ b/tests/networkxml2firewalltest.c
> @@ -176,7 +176,7 @@ mymain(void)
>  
>      basefile = g_strdup_printf("%s/networkxml2firewalldata/base.args", abs_srcdir);
>  
> -    if (virFileReadAll(basefile, INT_MAX, &baseargs) < 0)
> +    if (virFileReadAll(basefile, INT_MAX - 1, &baseargs) < 0)

While you are fixing all instances of this problem this won't fix any
further mistakes that can happen. At the very least you should document
this quirk in the function header.