On Fri, 2016-05-20 at 14:50 +0200, Christophe Fergeau wrote:
> On Thu, May 19, 2016 at 06:38:08PM +0200, Pavel Grunt wrote:
> > Related: rhbz#1335239
> > ---
> > src/spice-uri.c | 8 ++++++--
> > tests/test-spice-uri.c | 2 ++
> > 2 files changed, 8 insertions(+), 2 deletions(-)
> >
> > diff --git a/src/spice-uri.c b/src/spice-uri.c
> > index b483374..6a43461 100644
> > --- a/src/spice-uri.c
> > +++ b/src/spice-uri.c
> > @@ -165,8 +165,8 @@ gboolean spice_uri_parse(SpiceURI *self, const gchar
> > *_uri, GError **error)
> > uri_port = uriv[1];
> >
> > if (uri_port != NULL) {
> > - char *endptr;
> > - guint port = strtoul(uri_port, &endptr, 10);
> > + gchar *endptr;
> > + gint64 port = g_ascii_strtoll(uri_port, &endptr, 10);
>
> Not sure this is 100% related to this change? but why not
It helps to detect negative values (strtoul "converts" negative number to
positive/treats it as negative w/o the sign?) - I'll mention the reason for
change in the commit log.
>
> > if (*endptr != '\0') {
> > g_set_error(error, SPICE_CLIENT_ERROR,
> > SPICE_CLIENT_ERROR_FAILED,
> > "Invalid uri port: %s", uri_port);
> > @@ -175,6 +175,10 @@ gboolean spice_uri_parse(SpiceURI *self, const gchar
> > *_uri, GError **error)
> > g_set_error(error, SPICE_CLIENT_ERROR,
> > SPICE_CLIENT_ERROR_FAILED, "Missing uri port");
> > goto end;
> > }
> > + if (port < 0 || port > 65535) {
> > + g_set_error(error, SPICE_CLIENT_ERROR,
> > SPICE_CLIENT_ERROR_FAILED, "Port out of range");
> > + goto end;
> > + }
>
> I'd check for <= 0
Ok, I'll change it.
Thanks
Pavel
_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/spice-devel