[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-commits] [qemu/qemu] 44fdc7: sockets: Fix socket_address_to_string
|
From: |
GitHub |
|
Subject: |
[Qemu-commits] [qemu/qemu] 44fdc7: sockets: Fix socket_address_to_string() hostname t... |
|
Date: |
Tue, 28 Mar 2017 11:15:09 -0700 |
Branch: refs/heads/master
Home: https://github.com/qemu/qemu
Commit: 44fdc764550e048a2810955da7cabbfaf636231a
https://github.com/qemu/qemu/commit/44fdc764550e048a2810955da7cabbfaf636231a
Author: Markus Armbruster <address@hidden>
Date: 2017-03-28 (Tue, 28 Mar 2017)
Changed paths:
M util/qemu-sockets.c
Log Message:
-----------
sockets: Fix socket_address_to_string() hostname truncation
We first snprintf() to a fixed buffer, then g_strdup() the result
*boggle*.
Worse, the size of the fixed buffer INET6_ADDRSTRLEN + 5 + 4 is bogus:
the 4 correctly accounts for '[', ']', ':' and '\0', but
INET6_ADDRSTRLEN is not a suitable limit for inet->host, and 5 is not
one for inet->port! They are for host and port in *numeric* form
(exploiting that INET6_ADDRSTRLEN > INET_ADDRSTRLEN), but inet->host
can also be a hostname, and inet->port can be a service name, to be
resolved with getaddrinfo().
Fortunately, the only user so far is the "socket" network backend's
net_socket_connected(), which uses it to initialize a NetSocketState's
info_str[]. info_str[] has considerable more space: 256 instead of
55. So the bug's impact appears to be limited to truncated "info
networks" with the "socket" network backend.
The fix is obvious: use g_strdup_printf().
Signed-off-by: Markus Armbruster <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Paolo Bonzini <address@hidden>
Commit: a634bbbafc177c2cc94843fac8a05ec4875b7b2b
https://github.com/qemu/qemu/commit/a634bbbafc177c2cc94843fac8a05ec4875b7b2b
Author: Peter Maydell <address@hidden>
Date: 2017-03-28 (Tue, 28 Mar 2017)
Changed paths:
M util/qemu-sockets.c
Log Message:
-----------
Merge remote-tracking branch 'remotes/armbru/tags/pull-misc-2017-03-28' into
staging
Miscellaneous patches for 2017-03-28
# gpg: Signature made Tue 28 Mar 2017 17:51:06 BST
# gpg: using RSA key 0x3870B400EB918653
# gpg: Good signature from "Markus Armbruster <address@hidden>"
# gpg: aka "Markus Armbruster <address@hidden>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653
* remotes/armbru/tags/pull-misc-2017-03-28:
sockets: Fix socket_address_to_string() hostname truncation
Signed-off-by: Peter Maydell <address@hidden>
Commit: df9046363220e57d45818312759b954c033c58ab
https://github.com/qemu/qemu/commit/df9046363220e57d45818312759b954c033c58ab
Author: Peter Maydell <address@hidden>
Date: 2017-03-28 (Tue, 28 Mar 2017)
Changed paths:
M VERSION
Log Message:
-----------
Update version for v2.9.0-rc2 release
Signed-off-by: Peter Maydell <address@hidden>
Compare: https://github.com/qemu/qemu/compare/b8dc35b25262...df9046363220
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Qemu-commits] [qemu/qemu] 44fdc7: sockets: Fix socket_address_to_string() hostname t...,
GitHub <=