Commit Graph

12 Commits

Author SHA1 Message Date
Eric Blake
4a27eb1398 buf: protect against integer overflow
It's unlikely that we'll ever want to escape a string as long as
INT_MAX/6, but adding this check can't hurt.

* src/util/buf.c (virBufferEscapeSexpr, virBufferEscapeString):
Check for (unlikely) overflow.
2011-06-24 16:01:56 -06:00
Eric Blake
f09acccfd7 buf: add virBufferVasprintf
Match the fact that we have virAsprintf and virVasprintf.

* src/util/buf.h (virBufferVasprintf): New prototype.
* src/util/buf.c (virBufferAsprintf): Move guts...
(virBufferVasprintf): ...to new function.
* src/libvirt_private.syms (buf.h): Export it.
* bootstrap.conf (gnulib_modules): Add stdarg, for va_copy.
2011-05-05 13:48:19 -06:00
Eric Blake
68ea80cfdd maint: rename virBufferVSprintf to virBufferAsprintf
We already have virAsprintf, so picking a similar name helps for
seeing a similar purpose.  Furthermore, the prefix V before printf
generally implies 'va_list', even though this variant was '...', and
the old name got in the way of adding a new va_list version.

global rename performed with:

$ git grep -l virBufferVSprintf \
  | xargs -L1 sed -i 's/virBufferVSprintf/virBufferAsprintf/g'

then revert the changes in ChangeLog-old.
2011-05-05 13:47:40 -06:00
Wen Congyang
6fee3da262 free buf->content when vsnprintf() failed
When buf->error is 1, we do not return buf->content in the function
virBufferContentAndReset(). So we should free buf->content when
vsnprintf() failed.
2011-04-27 20:12:13 +08:00
Cole Robinson
3afe5d402b xend: Escape reserved sexpr characters
If we don't escape ' or \ xend can't parse the generated sexpr. This
might over apply the EscapeSexpr routine, but it shouldn't hurt.
2010-11-22 16:43:29 -05:00
Cole Robinson
0af02cb2e8 buf: Simplify virBufferEscapeString
We are about to copy this function, so clean it up before we do.
2010-11-22 16:37:21 -05:00
Cole Robinson
18af6f4e64 buf: Fix possible infinite loop in EscapeString, VSnprintf
The current code will go into an infinite loop if the printf generated
string is >= 1000, AND exactly 1 character smaller than the amount of free
space in the buffer. When this happens, we are dropped into the loop body,
but nothing will actually change, because count == (buf->size - buf->use - 1),
and virBufferGrow returns unchanged if count < (buf->size - buf->use)

Fix this by removing the '- 1' bit from 'size'. The *nprintf functions handle
the NULL byte for us anyways, so we shouldn't need to manually accommodate
for it.

Here's a bug where we are actually hitting this issue:
https://bugzilla.redhat.com/show_bug.cgi?id=602772

v2: Eric's improvements: while -> if (), remove extra va_list variable,
    make sure we report buffer error if snprintf fails

v3: Add tests/virbuftest which reproduces the infinite loop before this
    patch, works correctly after
2010-09-10 10:05:43 -04:00
Jim Meyering
72919f3d35 virBufferVSprintf: do not omit va_end(argptr) call
* src/util/buf.c (virBufferVSprintf): Do not omit va_end(argptr).
Improved-by: Daniel Veillard.
2010-02-19 18:32:23 +01:00
Jim Meyering
3f8de891c5 virBufferStrcat: do not skip va_end
* src/util/buf.c (virBufferStrcat): Do not skip va_end due to
an early return.
2010-02-19 11:52:04 +01:00
Matthias Bolte
1b9d074493 Add virBufferFreeAndReset() and replace free()
Replace free(virBufferContentAndReset()) with virBufferFreeAndReset().
Update documentation and replace all remaining calls to free() with
calls to VIR_FREE(). Also add missing calls to virBufferFreeAndReset()
and virReportOOMError() in OOM error cases.
2009-12-10 00:00:50 +01:00
Laine Stump
04e0686262 Avoid crash in virBufferEscapeString
* src/util/buf.c: if virBufferEscapeString was called on a buffer that
  had 0 bytes of space, a size of -1 will be passed to snprintf, resulting
  in a segmentation fault, this preallocate some space.
2009-10-15 14:19:11 +02:00
Daniel P. Berrange
1355e0552e Move all shared utility files to src/util/
* src/bridge.c, src/bridge.h, src/buf.c, src/buf.h, src/cgroup.c,
  src/cgroup.h, src/conf.c, src/conf.h, src/event.c, src/event.h,
  src/hash.c, src/hash.h, src/hostusb.c, src/hostusb.h,
  src/iptables.c, src/iptables.h, src/logging.c, src/logging.h,
  src/memory.c, src/memory.h, src/pci.c, src/pci.h, src/qparams.c,
  src/qparams.h, src/stats_linux.c, src/stats_linux.h,
  src/threads-pthread.c, src/threads-pthread.h, src/threads-win32.c,
  src/threads-win32.h, src/threads.c, src/threads.h, src/util.c,
  src/util.h, src/uuid.c, src/uuid.h, src/virterror.c,
  src/virterror_internal.h, src/xml.c, src/xml.h: Move all files
  into src/util/
* daemon/Makefile.am: Add -Isrc/util/ to build flags
* src/Makefile.am: Add -Isrc/util/ to build flags and update for
  moved files
* src/libvirt_private.syms: Export cgroup APIs since they're now
  in util rather than linking directly to drivers
* src/xen/xs_internal.c: Disable bogus virEventRemoveHandle call
  when built under PROXY
* proxy/Makefile.am: Update for changed file locations. Remove
  bogus build of event.c
* tools/Makefile.am, tests/Makefile.am: Add -Isrc/util/ to build flags
2009-09-21 14:41:47 +01:00