qemu/hw/i386
Daniel P. Berrangé 950c4e6c94 opts: don't silently truncate long option values
The existing QemuOpts parsing code uses a fixed size 1024 byte buffer
for storing the option values. If a value exceeded this size it was
silently truncated and no error reported to the user. Long option values
are not a common scenario, but it is conceivable that they will happen.
E.g. if the user has a very deeply nested filesystem it would be possible
to come up with a disk path that was > 1024 bytes. Most of the time if
such data was silently truncated, the user would get an error about
opening a non-existent disk. If they're unlucky though, QEMU might use a
completely different disk image from another VM, which could be
considered a security issue. Another example program was in using the
-smbios command line arg with very large data blobs. In this case the
silent truncation will be providing semantically incorrect data to the
guest OS for SMBIOS tables.

If the operating system didn't limit the user's argv when spawning QEMU,
the code should honour whatever length arguments were given without
imposing its own length restrictions. This patch thus changes the code
to use a heap allocated buffer for storing the values during parsing,
lifting the arbitrary length restriction.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20180416111743.8473-4-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-05-09 00:13:39 +02:00
kvm kvmclock: fix clock_is_reliable on migration from QEMU < 2.9 2018-04-09 16:36:39 +02:00
xen xen: Use newly added dmops for mapping VGA memory 2018-04-26 16:29:51 +01:00
acpi-build.c pc: rename "hotplug memory" terminology to "device memory" 2018-05-07 10:00:02 -03:00
acpi-build.h Use scripts/clean-includes to drop redundant qemu/typedefs.h 2016-03-22 22:20:16 +01:00
amd_iommu.c x86_iommu: Move machine check to x86_iommu_realize() 2018-01-18 21:52:38 +02:00
amd_iommu.h amd_iommu: avoid needless includes in header file 2017-12-18 17:07:02 +03:00
intel_iommu_internal.h intel-iommu: Extend address width to 48 bits 2018-01-18 21:52:38 +02:00
intel_iommu.c intel-iommu: Accept 64-bit writes to FEADDR 2018-03-01 16:25:37 +02:00
kvmvapic.c mttcg/i386: Patch instruction using async_safe_* framework 2017-07-14 12:04:35 +02:00
Makefile.objs hw/i386: make IOMMUs configurable via default-configs/ 2018-03-12 16:12:46 +01:00
multiboot.c opts: don't silently truncate long option values 2018-05-09 00:13:39 +02:00
multiboot.h refer to FWCfgState explicitly 2013-06-02 18:14:02 +03:00
pc_piix.c hw: Do not include "sysemu/block-backend.h" if it is not necessary 2018-03-12 16:12:46 +01:00
pc_q35.c q35: change default NIC to e1000e 2018-03-12 16:12:45 +01:00
pc_sysfw.c target/i386: encrypt bios rom 2018-03-13 17:36:05 +01:00
pc.c pc: rename "hotplug memory" terminology to "device memory" 2018-05-07 10:00:02 -03:00
trace-events hw/i386/vmport: replace fprintf() by trace events or LOG_UNIMP 2017-12-21 09:30:32 +01:00
vmmouse.c hw/input/i8042: Extract declarations from i386/pc.h into input/i8042.h 2018-03-12 16:12:48 +01:00
vmport.c hw/input/i8042: Extract declarations from i386/pc.h into input/i8042.h 2018-03-12 16:12:48 +01:00
x86-iommu.c x86_iommu: check if machine has PCI bus 2018-01-18 21:52:38 +02:00