From mboxrd@z Thu Jan 1 00:00:00 1970 From: Juergen Gross Subject: Re: [PATCH v2 39/52] xen: check parameter validity when parsing command line Date: Mon, 14 Aug 2017 15:31:16 +0200 Message-ID: References: <20170814070849.20986-1-jgross@suse.com> <20170814070849.20986-40-jgross@suse.com> <5991B7B8020000780016F5D0@suse.com> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Return-path: Received: from mail6.bemta6.messagelabs.com ([193.109.254.103]) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dhFSk-0002z5-IR for xen-devel@lists.xenproject.org; Mon, 14 Aug 2017 13:31:22 +0000 In-Reply-To: <5991B7B8020000780016F5D0@suse.com> Content-Language: en-US List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" To: Jan Beulich Cc: Stefano Stabellini , Wei Liu , George Dunlap , Andrew Cooper , Ian Jackson , Tim Deegan , xen-devel@lists.xenproject.org List-Id: xen-devel@lists.xenproject.org T24gMTQvMDgvMTcgMTQ6NDYsIEphbiBCZXVsaWNoIHdyb3RlOgo+Pj4+IE9uIDE0LjA4LjE3IGF0 IDA5OjA4LCA8amdyb3NzQHN1c2UuY29tPiB3cm90ZToKPj4gLS0tIGEveGVuL2NvbW1vbi9rZXJu ZWwuYwo+PiArKysgYi94ZW4vY29tbW9uL2tlcm5lbC5jCj4+IEBAIC0yMyw5ICsyMywxMSBAQCBl bnVtIHN5c3RlbV9zdGF0ZSBzeXN0ZW1fc3RhdGUgPSBTWVNfU1RBVEVfZWFybHlfYm9vdDsKPj4g IHhlbl9jb21tYW5kbGluZV90IHNhdmVkX2NtZGxpbmU7Cj4+ICBzdGF0aWMgY29uc3QgY2hhciBf X2luaXRjb25zdCBvcHRfYnVpbHRpbl9jbWRsaW5lW10gPSBDT05GSUdfQ01ETElORTsKPj4gIAo+ PiAtc3RhdGljIHZvaWQgX19pbml0IGFzc2lnbl9pbnRlZ2VyX3BhcmFtKAo+PiArc3RhdGljIGlu dCBfX2luaXQgYXNzaWduX2ludGVnZXJfcGFyYW0oCj4+ICAgICAgY29uc3Qgc3RydWN0IGtlcm5l bF9wYXJhbSAqcGFyYW0sIHVpbnQ2NF90IHZhbCkKPj4gIHsKPj4gKyAgICB1bnNpZ25lZCBpbnQg Yml0cyA9IHBhcmFtLT5sZW4gKiBCSVRTX1BFUl9CWVRFOwo+PiArCj4+ICAgICAgc3dpdGNoICgg cGFyYW0tPmxlbiApCj4+ICAgICAgewo+PiAgICAgIGNhc2Ugc2l6ZW9mKHVpbnQ4X3QpOgo+PiBA QCAtNDMsMTQgKzQ1LDE3IEBAIHN0YXRpYyB2b2lkIF9faW5pdCBhc3NpZ25faW50ZWdlcl9wYXJh bSgKPj4gICAgICBkZWZhdWx0Ogo+PiAgICAgICAgICBCVUcoKTsKPj4gICAgICB9Cj4+ICsKPj4g KyAgICByZXR1cm4gKCAodmFsICYgKH4wVUxMIDw8IGJpdHMpKSAmJiB+KHZhbCB8ICh+MFVMTCA+ PiAoNjUgLSBiaXRzKSkpICkgPwo+IAo+IFRoZSBsZWZ0IHBhcnQgaGFzIHVuZGVmaW5lZCBiZWhh dmlvciB3aGVuIHBhcmFtLT5sZW4gPT0gOAo+IChhbmQgb24geDg2IEknZCBleHBlY3QgaXQgdG8g cHJvZHVjZSBqdXN0ICJ2YWwiKS4gVGhlIHJpZ2h0IHBhcnQKPiBJIGd1ZXNzIGlzIG1lYW50IHRv IGJlIGEgc2lnbiBjaGVjaywgYnV0IHRoYXQncyByYXRoZXIgb2JzY3VyZS4KCkhtbSwgb2theS4K Cj4gQXMgaWlyYyBpdCBpcyBzaWduZWQtdG8tdW5zaWduZWQgY29udmVyc2lvbiB3aGljaCBoYXMg dW5pZm9ybWx5Cj4gZGVmaW5lZCBiZWhhdmlvciBpdCBtYXkgZW5kIHVwIGJlaW5nIGJldHRlciBm b3IgdGhlIHBhcmFtZXRlcgo+IHRvIGJlIG9mIHNpZ25lZCB0eXBlIGFuZCB0byBhbGxvdyB2YWx1 ZXMgaW4gdGhlIHJhbmdlCj4gWzx0eXBlPl9NSU4sVTx0eXBlPl9NQVhdLiBBbnl0aGluZyBtb3Jl IHByZWNpc2Ugd291bGQKPiByZXF1aXJlIHNpZ25lZG5lc3MgdG8gYmUgY29tbXVuaWNhdGVkIGZy b20gdGhlICpfcGFyYW0oKQo+IHVzZXJzLgoKT2theSwgSSdsbCBoYXZlIGEgdHJ5LgoKPiBBbHNv IC0gc3RyYXkgYmxhbmtzIGluc2lkZSB0aGUgb3V0ZXJtb3N0IHBhcmVudGhlc2VzLgo+IAo+IEFu ZCBmaW5hbGx5LCB3b3VsZG4ndCBpdCBiZSBiZXR0ZXIgdG8gY2hlY2sgZm9yIG92ZXJmbG93IF9i ZWZvcmVfCj4gYXNzaWduaW5nIHRvICpwYXJhbS0+dmFyPwoKSSBkaWRuJ3Qgd2FudCB0byBjaGFu Z2UgZXhpc3RpbmcgYmVoYXZpb3IuIE9UT0ggdGhpbmtpbmcgdHdpY2UgeW91IGFyZQpyaWdodC4g QmV0dGVyIHVzaW5nIHRoZSBkZWZhdWx0IHZhbHVlIHRoYW4gYW4gdW5leHBlY3RlZCBzbWFsbCBv bmUuCgo+IAo+PiBAQCAtOTcsOCArMTAyLDkgQEAgc3RhdGljIHZvaWQgX19pbml0IF9jbWRsaW5l X3BhcnNlKGNvbnN0IGNoYXIgKmNtZGxpbmUpCj4+ICAgICAgICAgICAgICAgICAgICAgICAhc3Ry bmNtcChwYXJhbS0+bmFtZSwgb3B0LCBxICsgMSAtIG9wdCkgKQo+PiAgICAgICAgICAgICAgICAg IHsKPj4gICAgICAgICAgICAgICAgICAgICAgb3B0dmFsWy0xXSA9ICc9JzsKPj4gLSAgICAgICAg ICAgICAgICAgICAgKCh2b2lkICgqKShjb25zdCBjaGFyICopKXBhcmFtLT52YXIpKHEpOwo+PiAr ICAgICAgICAgICAgICAgICAgICByYyA9ICgoaW50ICgqKShjb25zdCBjaGFyICopKXBhcmFtLT52 YXIpKHEpOwo+IAo+IE5laXRoZXIgaGVyZSBub3IgaW4gdGhlIGVhcmxpZXIgImxldCBjdXN0b20g cGFyYW1ldGVyIHBhcnNpbmcKPiByb3V0aW5lcyByZXR1cm4gZXJybm8iIG5vciBpbiB0aGUgb3Zl cnZpZXcgeW91IG1lbnRpb24gd2h5IHRoaXMKPiBpcyBzYWZlIC0gaXQgaXMgbm90IGEgZ2l2ZW4g dGhhdCBjYWxsZXIgYW5kIGNhbGxlZSBkaXNhZ3JlZWluZyBvbgo+IHJldHVybiB0eXBlIGlzIGdv aW5nIHRvIHdvcmsuIEp1c3QgdGhpbmsgb2YgZnVuY3Rpb25zIHJldHVybmluZwo+IGFnZ3JlZ2F0 ZXMgb3IgKG9uIGl4ODYpIG9uZXMgcmV0dXJuaW5nIGZsb2F0aW5nIHBvaW50IHZhbHVlcyBpbgo+ IHN0KDApLgoKSSB0aG91Z2h0IGFib3V0IHVzaW5nIGEgdW5pb24gaW4gc3RydWN0IGtlcm5lbF9w YXJhbSBhbmQgcmVtb3ZpbmcKYWJvdmUgdHlwZSBjYXN0LiBUaGlzIHdvdWxkIHJlcXVpcmUgbW9k aWZ5aW5nIHRoZSBpbml0aWFsaXphdGlvbiBvZgp0aGUga2VybmVsX3BhcmFtIHN0cnVjdCB2aWEg dGhlICpfcGFyYW0oKSBtYWNyb3MsIHRob3VnaC4KClRoZSBvdGhlciBwb3NzaWJpbGl0eSB3b3Vs ZCBiZSB1c2luZyBfX2J1aWx0aW5fdHlwZXNfY29tcGF0aWJsZV9wKCkKdG8gY2hlY2sgdGhlIGZ1 bmN0aW9uIHRvIGJlIG9mIHByb3BlciB0eXBlLgoKV2hhdCB3b3VsZCB5b3UgbGlrZSBiZXN0PwoK PiAKPj4gICAgICAgICAgICAgICAgICAgICAgb3B0dmFsWy0xXSA9ICdcMCc7Cj4+ICsgICAgICAg ICAgICAgICAgICAgIGJyZWFrOwo+IAo+IFdoeT8gQXBwbGllcyB0byBmdXJ0aGVyIGJyZWFrLXMg eW91IGFkZDogQXQgbGVhc3QgaW4gdGhlIHBhc3Qgd2UKPiBoYWQgY29tbWFuZCBsaW5lIG9wdGlv bnMgd2l0aCB0d28gaGFuZGxlcnMsIHdoZXJlIGVhY2ggb2YgdGhlbQo+IG5lZWRlZCB0byBiZSBp bnZva2VkLiBJIGRvbid0IHRoaW5rIHdlIHNob3VsZCBtYWtlIHN1Y2ggaW1wb3NzaWJsZQo+IGV2 ZW4gaWYgcmlnaHQgbm93IHRoZXJlIGFyZW4ndCBhbnkgc3VjaCBleGFtcGxlcy4gWWV0IGlmIHlv dSByZWFsbHkKPiBtZWFuIHRvLCB0aGVuIHRoZSBiZWhhdmlvcmFsIGNoYW5nZSBuZWVkcyB0byBi ZSBjYWxsZWQgb3V0IGluIHRoZQo+IGRlc2NyaXB0aW9uLgoKSSB3YXNuJ3QgYXdhcmUgb2Ygc3Vj aCBhIHVzYWdlLgoKSSdtIGZpbmUgZm9yIGJvdGggYWx0ZXJuYXRpdmVzLiBBcyB5b3Ugc2VlbSB0 byBwcmVmZXIgdG8ga2VlcCBzdXBwb3J0CmZvciBtdWx0aXBsZSBoYW5kbGVycyBJJ2xsIG1vZGlm eSB0aGUgcGF0Y2ggdG8gYWxsb3cgdGhhdC4KCj4+IEBAIC0xMDYsMjQgKzExMiwzNCBAQCBzdGF0 aWMgdm9pZCBfX2luaXQgX2NtZGxpbmVfcGFyc2UoY29uc3QgY2hhciAqY21kbGluZSkKPj4gICAg ICAgICAgICAgIHN3aXRjaCAoIHBhcmFtLT50eXBlICkKPj4gICAgICAgICAgICAgIHsKPj4gICAg ICAgICAgICAgIGNhc2UgT1BUX1NUUjoKPj4gKyAgICAgICAgICAgICAgICByYyA9IDA7Cj4+ICAg ICAgICAgICAgICAgICAgc3RybGNweShwYXJhbS0+dmFyLCBvcHR2YWwsIHBhcmFtLT5sZW4pOwo+ PiAgICAgICAgICAgICAgICAgIGJyZWFrOwo+PiAgICAgICAgICAgICAgY2FzZSBPUFRfVUlOVDoK Pj4gLSAgICAgICAgICAgICAgICBhc3NpZ25faW50ZWdlcl9wYXJhbSgKPj4gKyAgICAgICAgICAg ICAgICByYyA9IGFzc2lnbl9pbnRlZ2VyX3BhcmFtKAo+PiAgICAgICAgICAgICAgICAgICAgICBw YXJhbSwKPj4gLSAgICAgICAgICAgICAgICAgICAgc2ltcGxlX3N0cnRvbGwob3B0dmFsLCBOVUxM LCAwKSk7Cj4+ICsgICAgICAgICAgICAgICAgICAgIHNpbXBsZV9zdHJ0b2xsKG9wdHZhbCwgJnMs IDApKTsKPj4gKyAgICAgICAgICAgICAgICBpZiAoICpzICkKPj4gKyAgICAgICAgICAgICAgICAg ICAgcmMgPSAtRUlOVkFMOwo+PiAgICAgICAgICAgICAgICAgIGJyZWFrOwo+PiAgICAgICAgICAg ICAgY2FzZSBPUFRfQk9PTDoKPj4gLSAgICAgICAgICAgICAgICBpZiAoICFwYXJzZV9ib29sKG9w dHZhbCkgKQo+PiArICAgICAgICAgICAgICAgIHJjID0gcGFyc2VfYm9vbChvcHR2YWwpOwo+PiAr ICAgICAgICAgICAgICAgIGlmICggcmMgPT0gLTEgKQo+IAo+IE1heWJlICJyYyA8IDAiPwoKT2th eS4KCj4gCj4+IEBAIC0xMzEsMTMgKzE0NywyMSBAQCBzdGF0aWMgdm9pZCBfX2luaXQgX2NtZGxp bmVfcGFyc2UoY29uc3QgY2hhciAqY21kbGluZSkKPj4gICAgICAgICAgICAgICAgICAgICAgc2Fm ZV9zdHJjcHkob3B0LCAibm8iKTsKPj4gICAgICAgICAgICAgICAgICAgICAgb3B0dmFsID0gb3B0 Owo+PiAgICAgICAgICAgICAgICAgIH0KPj4gLSAgICAgICAgICAgICAgICAoKHZvaWQgKCopKGNv bnN0IGNoYXIgKikpcGFyYW0tPnZhcikob3B0dmFsKTsKPj4gKyAgICAgICAgICAgICAgICByYyA9 ICgoaW50ICgqKShjb25zdCBjaGFyICopKXBhcmFtLT52YXIpKG9wdHZhbCk7Cj4+ICAgICAgICAg ICAgICAgICAgYnJlYWs7Cj4+ICAgICAgICAgICAgICBkZWZhdWx0Ogo+PiAgICAgICAgICAgICAg ICAgIEJVRygpOwo+PiAgICAgICAgICAgICAgICAgIGJyZWFrOwo+PiAgICAgICAgICAgICAgfQo+ PiArCj4+ICsgICAgICAgICAgICBicmVhazsKPj4gICAgICAgICAgfQo+PiArCj4+ICsgICAgICAg IGlmICggcmMgKQo+PiArICAgICAgICAgICAgcHJpbnRrKCJwYXJhbWV0ZXIgXCIlc1wiIGhhcyBp bnZhbGlkIHZhbHVlIFwiJXNcIiFcbiIsIG9wdGtleSwKPj4gKyAgICAgICAgICAgICAgICAgICBv cHR2YWwpOwo+IAo+IFdpdGggdGhlIGNoYW5nZXMgbWFkZSB0byBvcHR2YWwgaW4gT1BUX0NVU1RP TSBoYW5kbGluZyB0aGlzCj4gbWF5IGVuZCB1cCBiZWluZyBjb25mdXNpbmcuCgpPaCB5ZXMsIGdv b2QgY2F0Y2guCgoKSnVlcmdlbgoKCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fClhlbi1kZXZlbCBtYWlsaW5nIGxpc3QKWGVuLWRldmVsQGxpc3RzLnhlbi5v cmcKaHR0cHM6Ly9saXN0cy54ZW4ub3JnL3hlbi1kZXZlbAo=