On 12/1/2010 1:35 AM, Stefan Hajnoczi wrote: > On Tue, Nov 30, 2010 at 9:52 AM, Sanchit Garg > <sancg...@linux.vnet.ibm.com> wrote: >> @@ -3707,19 +3708,19 @@ VirtIODevice *virtio_9p_init(DeviceState *dev, >> V9fsConf *conf) >> s->ctx.fs_sm = SM_NONE; >> s->ctx.xops = none_xattr_ops; >> } else { >> - fprintf(stderr, "Default to security_model=none. You may want" >> + error_report("Default to security_model=none. You may want" >> " enable advanced security model using " >> "security option:\n\t security_model=passthrough \n\t " >> - "security_model=mapped\n"); >> + "security_model=mapped"); >> s->ctx.fs_sm = SM_NONE; >> s->ctx.xops = none_xattr_ops; >> } > > It would be safer to avoid embedded \n\t. Although I can't find > anything prohibiting it in the source, no other place does this. > Program output is easier to handle when constrained to one message per > line. Security issues arise when unfiltered inputs are logged *and* > linebreaks are allowed because malicious input can inject fake log > lines. Let's avoid getting into the habit.
Embedded breaks were introduced to give more readable and formatted output. Stafan do you suggest to print the entire message in one line? - JV > > Looks good otherwise. > > Stefan >