All of lore.kernel.org
 help / color / mirror / Atom feed
From: Markus Armbruster <armbru@redhat.com>
To: qemu-devel@nongnu.org
Subject: [Qemu-devel] [PULL 02/24] option: Assert value string isn't null
Date: Thu, 23 Feb 2017 20:53:40 +0100	[thread overview]
Message-ID: <1487879642-16139-3-git-send-email-armbru@redhat.com> (raw)
In-Reply-To: <1487879642-16139-1-git-send-email-armbru@redhat.com>

Plenty of code relies on QemuOpt member @str not being null, including
qemu_opts_print(), qemu_opts_to_qdict(), and callbacks passed to
qemu_opt_foreach().

Begs the question whether it can be null.  Only opt_set() creates
QemuOpt.  It sets member @str to its argument @value.  Passing null
for @value would plant a time bomb.  Callers:

* opts_do_parse() can't pass null.

* qemu_opt_set() passes its argument @value.  Callers:

  - qemu_opts_from_qdict_1() can't pass null

  - qemu_opts_set() passes its argument @value, but none of its
    callers pass null.

  - Many more outside qemu-option.c, but they shouldn't pass null,
    either.

Assert member @str isn't null, so that misuse is caught right away.

Simplify parse_option_bool(), parse_option_number() and
parse_option_size() accordingly.  Best viewed with whitespace changes
ignored.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1487708048-2131-3-git-send-email-armbru@redhat.com>
---
 util/qemu-option.c | 89 ++++++++++++++++++++++++------------------------------
 1 file changed, 39 insertions(+), 50 deletions(-)

diff --git a/util/qemu-option.c b/util/qemu-option.c
index d611946..9708668 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -128,17 +128,13 @@ int get_param_value(char *buf, int buf_size,
 static void parse_option_bool(const char *name, const char *value, bool *ret,
                               Error **errp)
 {
-    if (value != NULL) {
-        if (!strcmp(value, "on")) {
-            *ret = 1;
-        } else if (!strcmp(value, "off")) {
-            *ret = 0;
-        } else {
-            error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
-                       name, "'on' or 'off'");
-        }
-    } else {
+    if (!strcmp(value, "on")) {
         *ret = 1;
+    } else if (!strcmp(value, "off")) {
+        *ret = 0;
+    } else {
+        error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
+                   name, "'on' or 'off'");
     }
 }
 
@@ -148,16 +144,12 @@ static void parse_option_number(const char *name, const char *value,
     char *postfix;
     uint64_t number;
 
-    if (value != NULL) {
-        number = strtoull(value, &postfix, 0);
-        if (*postfix != '\0') {
-            error_setg(errp, QERR_INVALID_PARAMETER_VALUE, name, "a number");
-            return;
-        }
-        *ret = number;
-    } else {
+    number = strtoull(value, &postfix, 0);
+    if (*postfix != '\0') {
         error_setg(errp, QERR_INVALID_PARAMETER_VALUE, name, "a number");
+        return;
     }
+    *ret = number;
 }
 
 static const QemuOptDesc *find_desc_by_name(const QemuOptDesc *desc,
@@ -180,39 +172,35 @@ void parse_option_size(const char *name, const char *value,
     char *postfix;
     double sizef;
 
-    if (value != NULL) {
-        sizef = strtod(value, &postfix);
-        if (sizef < 0 || sizef > UINT64_MAX) {
-            error_setg(errp, QERR_INVALID_PARAMETER_VALUE, name,
-                             "a non-negative number below 2^64");
-            return;
-        }
-        switch (*postfix) {
-        case 'T':
-            sizef *= 1024;
-            /* fall through */
-        case 'G':
-            sizef *= 1024;
-            /* fall through */
-        case 'M':
-            sizef *= 1024;
-            /* fall through */
-        case 'K':
-        case 'k':
-            sizef *= 1024;
-            /* fall through */
-        case 'b':
-        case '\0':
-            *ret = (uint64_t) sizef;
-            break;
-        default:
-            error_setg(errp, QERR_INVALID_PARAMETER_VALUE, name, "a size");
-            error_append_hint(errp, "You may use k, M, G or T suffixes for "
-                    "kilobytes, megabytes, gigabytes and terabytes.\n");
-            return;
-        }
-    } else {
+    sizef = strtod(value, &postfix);
+    if (sizef < 0 || sizef > UINT64_MAX) {
+        error_setg(errp, QERR_INVALID_PARAMETER_VALUE, name,
+                   "a non-negative number below 2^64");
+        return;
+    }
+    switch (*postfix) {
+    case 'T':
+        sizef *= 1024;
+        /* fall through */
+    case 'G':
+        sizef *= 1024;
+        /* fall through */
+    case 'M':
+        sizef *= 1024;
+        /* fall through */
+    case 'K':
+    case 'k':
+        sizef *= 1024;
+        /* fall through */
+    case 'b':
+    case '\0':
+        *ret = (uint64_t) sizef;
+        break;
+    default:
         error_setg(errp, QERR_INVALID_PARAMETER_VALUE, name, "a size");
+        error_append_hint(errp, "You may use k, M, G or T suffixes for "
+                          "kilobytes, megabytes, gigabytes and terabytes.\n");
+        return;
     }
 }
 
@@ -566,6 +554,7 @@ static void opt_set(QemuOpts *opts, const char *name, const char *value,
     }
     opt->desc = desc;
     opt->str = g_strdup(value);
+    assert(opt->str);
     qemu_opt_parse(opt, &local_err);
     if (local_err) {
         error_propagate(errp, local_err);
-- 
2.7.4

  parent reply	other threads:[~2017-02-23 19:54 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-02-23 19:53 [Qemu-devel] [PULL 00/24] option cutils: Fix and clean up number conversions Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 01/24] test-qemu-opts: Cover qemu_opts_parse() Markus Armbruster
2017-02-23 19:53 ` Markus Armbruster [this message]
2017-02-23 19:53 ` [Qemu-devel] [PULL 03/24] test-cutils: Add missing qemu_strtol()... endptr checks Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 04/24] test-cutils: Clean up qemu_strtoul() result checks Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 05/24] util/cutils: Rewrite documentation of qemu_strtol() & friends Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 06/24] util/cutils: Rename qemu_strtoll(), qemu_strtoull() Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 07/24] util/cutils: Clean up variable names around qemu_strtol() Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 08/24] util/cutils: Clean up control flow around qemu_strtol() a bit Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 09/24] option: Fix to reject invalid and overflowing numbers Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 10/24] test-cutils: Add missing qemu_strtosz()... endptr checks Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 11/24] test-cutils: Cover qemu_strtosz() invalid input Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 12/24] test-cutils: Cover qemu_strtosz() with trailing crap Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 13/24] test-cutils: Cover qemu_strtosz() around range limits Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 14/24] util/cutils: New qemu_strtosz_metric() Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 15/24] util/cutils: Rename qemu_strtosz() to qemu_strtosz_MiB() Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 16/24] util/cutils: New qemu_strtosz() Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 17/24] util/cutils: Drop QEMU_STRTOSZ_DEFSUFFIX_* macros Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 18/24] test-cutils: Use qemu_strtosz() more often Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 19/24] test-cutils: Drop suffix from test_qemu_strtosz_simple() Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 20/24] qemu-img: Wrap cvtnum() around qemu_strtosz() Markus Armbruster
2017-02-23 19:53 ` [Qemu-devel] [PULL 21/24] util/cutils: Let qemu_strtosz*() optionally reject trailing crap Markus Armbruster
2017-02-23 19:54 ` [Qemu-devel] [PULL 22/24] util/cutils: Return qemu_strtosz*() error and value separately Markus Armbruster
2017-02-23 19:54 ` [Qemu-devel] [PULL 23/24] util/cutils: Change qemu_strtosz*() from int64_t to uint64_t Markus Armbruster
2017-02-23 19:54 ` [Qemu-devel] [PULL 24/24] option: Fix checking of sizes for overflow and trailing crap Markus Armbruster
2017-02-23 20:37 ` [Qemu-devel] [PULL 00/24] option cutils: Fix and clean up number conversions no-reply
2017-02-25 16:37 ` Peter Maydell

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1487879642-16139-3-git-send-email-armbru@redhat.com \
    --to=armbru@redhat.com \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.