Blob Blame Raw
From 8fde4e2c8a03832087c7e006e35988245f55c57b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>
Date: Fri, 3 Nov 2017 18:06:12 +0100
Subject: [PATCH 2/2] qemu-option: reject empty number value
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

RH-Author: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: <20171103180612.24523-1-marcandre.lureau@redhat.com>
Patchwork-id: 77500
O-Subject: [RHEL-7.5 qemu-kvm PATCH v2] qemu-option: reject empty number value
Bugzilla: 1417864
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
RH-Acked-by: Laurent Vivier <lvivier@redhat.com>
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>

(Upstream commit to fix this bug is
3403e5eb884f3a74c40fe7cccc103f848c040215, however, the patch relies on
qemu_strtou64() which was introduced later and had several iterations)

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
---
v2:
- add errno check (Laszlo Ersek)

util/qemu-option.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
 util/qemu-option.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/util/qemu-option.c b/util/qemu-option.c
index 4de5d13..5a85abd 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -162,8 +162,9 @@ static void parse_option_number(const char *name, const char *value,
     uint64_t number;
 
     if (value != NULL) {
+        errno = 0;
         number = strtoull(value, &postfix, 0);
-        if (*postfix != '\0') {
+        if (errno != 0 || *postfix != '\0' || postfix == value) {
             error_set(errp, QERR_INVALID_PARAMETER_VALUE, name, "a number");
             return;
         }
-- 
1.8.3.1