On 07/28/2014 09:30 AM, Ján Tomko wrote:
> We parse the bandwidth rates as unsigned long long,
> then try to fit them in VIR_TYPED_PARAM_UINT.
> 
> Report an error if they exceed UINT_MAX instead of
> quietly using wrong values.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=1043735
> ---
>  tools/virsh-domain.c | 14 ++++++++++++++
>  1 file changed, 14 insertions(+)
> 
> diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c
> index ad68aab..f7193cb 100644
> --- a/tools/virsh-domain.c
> +++ b/tools/virsh-domain.c
> @@ -2686,6 +2686,14 @@ cmdDomIftune(vshControl *ctl, const vshCmd *cmd)
>              vshError(ctl, _("inbound format is incorrect"));
>              goto cleanup;
>          }

I think parseRateStr() should be modified so that
attach-interface can also make use of this range check...

John

> +        /* we parse the rate as unsigned long long, but the API
> +         * only accepts UINT */
> +        if (inbound.average > UINT_MAX || inbound.peak > UINT_MAX ||
> +            inbound.burst > UINT_MAX) {
> +            vshError(ctl, _("inbound rate larger than maximum %u"),
> +                     UINT_MAX);
> +            goto cleanup;
> +        }
>          if (inbound.average == 0 && (inbound.burst || inbound.peak)) {
>              vshError(ctl, _("inbound average is mandatory"));
>              goto cleanup;
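
Review bot: the new inbound error, "inbound rate larger than maximum %u", does not say which of average, peak or burst was out of range, although the condition above it tests all three. Checking each field on its own, or naming the offending field in the message, would tell the user which value to lower. The message also prints UINT_MAX without a unit, so stating the unit the rate is expressed in would make the limit easier to read.
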
> @@ -2714,6 +2722,12 @@ cmdDomIftune(vshControl *ctl, const vshCmd *cmd)
>              vshError(ctl, _("outbound format is incorrect"));
>              goto cleanup;
>          }
> +        if (outbound.average > UINT_MAX || outbound.peak > UINT_MAX ||
> +            outbound.burst > UINT_MAX) {
> +            vshError(ctl, _("outbound rate larger than maximum %u"),
> +                     UINT_MAX);
> +            goto cleanup;
> +        }
>          if (outbound.average == 0 && (outbound.burst || outbound.peak)) {
>              vshError(ctl, _("outbound average is mandatory"));
>              goto cleanup;
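
Review bot: the outbound range check in this hunk is a copy of the inbound one with only the struct name and message text changed, and it omits the comment explaining why UINT_MAX is the limit. A single helper that takes the rate struct and a direction label would keep the two checks from drifting apart, carry the explanation once, and give other callers that parse the same rate string one place to get the check from.
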
> 

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
