shaba/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-09-15 13:44:48 +03:00
Code Releases Activity

qemu: Fix off-by-one error while unescaping monitor strings

Browse Source 
While unescaping the commands the commands passed through to the monitor
function qemuMonitorUnescapeArg() initialized lenght of the input string
to strlen()+1 which is fine for alloc but not for iteration of the
string.

This patch fixes the off-by-one error and drops the pointless check for
a single trailing slash that is automaticaly handled by the default
branch of switch.
(cherry picked from commit 0f4660c878)
This commit is contained in:
Peter Krempa
2012-06-14 10:29:36 +02:00
committed by Cole Robinson
parent 73908b1d10
commit 0889bdb844
1 changed files with 3 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/qemu/qemu_monitor.c
View File

@@ -157,20 +157,15 @@ char *qemuMonitorUnescapeArg(const char *in)
{ {
int i, j; int i, j;
char *out; char *out;
int len = strlen(in) + 1; int len = strlen(in);
char next; char next;
if (VIR_ALLOC_N(out, len) < 0) if (VIR_ALLOC_N(out, len + 1) < 0)
return NULL; return NULL;
for (i = j = 0; i < len; ++i) { for (i = j = 0; i < len; ++i) {
next = in[i]; next = in[i];
if (in[i] == '\\') { if (in[i] == '\\') {
if (len < i + 1) {
/* trailing backslash shouldn't be possible */
VIR_FREE(out);
return NULL;
}
++i; ++i;
switch(in[i]) { switch(in[i]) {
case 'r': case 'r':
@@ -184,7 +179,7 @@ char *qemuMonitorUnescapeArg(const char *in)
next = in[i]; next = in[i];
break; break;
default: default:
/* invalid input */ /* invalid input (including trailing '\' at end of in) */
VIR_FREE(out); VIR_FREE(out);
return NULL; return NULL;
} }