mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
950c4e6c94
qemu/include
History
Daniel P. Berrangé 950c4e6c94 opts: don't silently truncate long option values 
The existing QemuOpts parsing code uses a fixed size 1024 byte buffer
for storing the option values. If a value exceeded this size it was
silently truncated and no error reported to the user. Long option values
is not a common scenario, but it is conceivable that they will happen.
eg if the user has a very deeply nested filesystem it would be possible
to come up with a disk path that was > 1024 bytes. Most of the time if
such data was silently truncated, the user would get an error about
opening a non-existant disk. If they're unlucky though, QEMU might use a
completely different disk image from another VM, which could be
considered a security issue. Another example program was in using the
-smbios command line arg with very large data blobs. In this case the
silent truncation will be providing semantically incorrect data to the
guest OS for SMBIOS tables.

If the operating system didn't limit the user's argv when spawning QEMU,
the code should honour whatever length arguments were given without
imposing its own length restrictions. This patch thus changes the code
to use a heap allocated buffer for storing the values during parsing,
lifting the arbitrary length restriction.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20180416111743.8473-4-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-05-09 00:13:39 +02:00
..
block include/block/block_int: Document protocol related functions 2018-03-26 12:16:00 +02:00
chardev chardev: introduce chr_machine_done hook 2018-03-12 16:12:46 +01:00
crypto Include less of the generated modular QAPI headers 2018-03-02 13:45:50 -06:00
disas RISC-V Disassembler 2018-03-07 08:30:28 +13:00
exec exec: reintroduce MemoryRegion caching 2018-05-09 00:13:38 +02:00
fpu softfloat: use floatx80_infinity in softfloat 2018-03-04 17:27:35 +01:00
hw Machine queue, 2018-05-07 2018-05-08 15:25:17 +01:00
io qio: non-default context for TLS handshake 2018-03-06 10:19:07 +00:00
libdecnumber
migration migration: add postcopy migration of dirty bitmaps 2018-03-13 17:06:09 -04:00
monitor monitor: new parameter "x-oob" 2018-03-27 10:17:45 -05:00
net virtio_net: flush uncompleted TX on reset 2018-03-26 14:49:17 +08:00
qapi qobject: Modify qobject_ref() to return obj 2018-05-04 08:27:53 +02:00
qemu opts: don't silently truncate long option values 2018-05-09 00:13:39 +02:00
qom qom: allow object_get_canonical_path_component without parent 2018-05-09 00:13:37 +02:00
scsi Include qapi/qmp/qdict.h exactly where needed 2018-02-09 13:52:15 +01:00
standard-headers virtio,vhost,pci,pc: features, cleanups 2018-03-20 15:48:34 +00:00
sysemu memdev: remove "id" property 2018-05-09 00:13:37 +02:00
ui console: introduce dpy_gfx_update_full 2018-04-27 11:36:34 +02:00
elf.h linux-user: ARM-FDPIC: Identify ARM FDPIC binaries 2018-05-03 18:25:29 +02:00
glib-compat.h
qemu-common.h Move include qemu/option.h from qemu-common.h to actual users 2018-02-09 13:52:16 +01:00
qemu-io.h
trace-tcg.h