Re: [libvirt PATCH 3/4] virFileReadLimFD: Limit maximum file size to INT_MAX - 1

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jul 21, 2021 at 14:46:42 +0200, Tim Wiederhake wrote:
> virFileReadLimFD always returns null-terminated data. To that end, it has to
> add one to the maximum file size. If the maxium file size is INT_MAX, this
> triggers a signed integer overflow.
> 
> There is no instance left where a caller would call virFileReadLimFD with a
> maxium file size of INT_MAX. Make virFileReadLimFD error out if the maximum
> file size is INT_MAX to prevent the reintroduction of this issue.
> 
> Signed-off-by: Tim Wiederhake <twiederh@xxxxxxxxxx>
> ---
>  src/util/virfile.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/src/util/virfile.c b/src/util/virfile.c
> index 723e1ca6e5..b5600658d5 100644
> --- a/src/util/virfile.c
> +++ b/src/util/virfile.c
> @@ -1418,7 +1418,7 @@ virFileReadLimFD(int fd, int maxlen, char **buf)
>      size_t len;
>      char *s;
>  
> -    if (maxlen <= 0) {
> +    if ((maxlen <= 0) || (maxlen >= INT_MAX)) {
>          errno = EINVAL;
>          return -1;

While '< 0' is common sense here, limiting to INT_MAX -1 should be
mentioned in the docs.

Or better, why aren't we converting this to 'size_t' instead?

saferead_lim is already operating on 'size_t' and I think we could
simply get rid of the overflow checks altogether when working with
size_t.




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux