From: Peter Maydell <peter.maydell@linaro.org>
To: Hanna Reitz <hreitz@redhat.com>
Cc: Kevin Wolf <kwolf@redhat.com>,
qemu-devel@nongnu.org, qemu-block@nongnu.org
Subject: Re: [PATCH v2 2/2] block/curl.c: Check error return from curl_easy_setopt()
Date: Thu, 24 Feb 2022 14:26:26 +0000 [thread overview]
Message-ID: <CAFEAcA-3B_D9vA99uB2Wqtn_FsdbwdNa0DRqa87bC5xOfWzY=A@mail.gmail.com> (raw)
In-Reply-To: <90aa45dd-9fe2-cb66-281a-1e397f8cbeed@redhat.com>
On Thu, 24 Feb 2022 at 14:11, Hanna Reitz <hreitz@redhat.com> wrote:
>
> On 22.02.22 16:23, Peter Maydell wrote:
> > Coverity points out that we aren't checking the return value
> > from curl_easy_setopt() for any of the calls to it we make
> > in block/curl.c.
> >
> > Some of these options are documented as always succeeding (e.g.
> > CURLOPT_VERBOSE) but others have documented failure cases (e.g.
> > CURLOPT_URL). For consistency we check every call, even the ones
> > that theoretically cannot fail.
> >
> > Fixes: Coverity CID 1459336, 1459482, 1460331
> > Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> > ---
> > Changes v1->v2:
> > * set the error string in the failure path for the
> > direct setopt calls in curl_open()
> > * fix the failure path in curl_setup_preadv() by putting
> > the curl_easy_setopt() call in the same if() condition
> > as the existing curl_multi_add_handle()
> > ---
> > block/curl.c | 92 +++++++++++++++++++++++++++++++++-------------------
> > 1 file changed, 58 insertions(+), 34 deletions(-)
>
> Reviewed-by: Hanna Reitz <hreitz@redhat.com>
For the record, I had a late thought that maybe we were setting
some optional-for-us options that were only added in later versions
of libcurl and accidentally relying on not checking the error code.
But it turns out this isn't the case: most of the options we set
are always supported, and the exceptions are:
NOSIGNAL -- 7.10 onward
PRIVATE -- 7.10.3 onward
USERNAME, PASSWORD, PROXYUSERNAME, PROXYPASSWORD -- 7.19.1 onward,
but we only set these if the user asked for them, so failing
would be the right thing anyway
PROTOCOLS, REDIR_PROTOCOLS -- 7.19.4 onward, guarded by a
compile-time LIBCURL_VERSION_NUM check
And in any case our meson.build insists on at least 7.29.
(That means we could drop the LIBCURL_VERSION_NUM guards, I guess.)
-- PMM
next prev parent reply other threads:[~2022-02-24 14:28 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-22 15:23 [PATCH v2 0/2] block/curl: check error return from curl_easy_setopt() Peter Maydell
2022-02-22 15:23 ` [PATCH v2 1/2] block/curl.c: Set error message string if curl_init_state() fails Peter Maydell
2022-02-22 21:30 ` Philippe Mathieu-Daudé
2022-02-24 14:08 ` Hanna Reitz
2022-02-22 15:23 ` [PATCH v2 2/2] block/curl.c: Check error return from curl_easy_setopt() Peter Maydell
2022-02-24 14:11 ` Hanna Reitz
2022-02-24 14:26 ` Peter Maydell [this message]
2022-02-24 14:13 ` [PATCH v2 0/2] block/curl: check " Hanna Reitz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAFEAcA-3B_D9vA99uB2Wqtn_FsdbwdNa0DRqa87bC5xOfWzY=A@mail.gmail.com' \
--to=peter.maydell@linaro.org \
--cc=hreitz@redhat.com \
--cc=kwolf@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.