qemu/util
Daniel P. Berrangé 950c4e6c94 opts: don't silently truncate long option values
The existing QemuOpts parsing code uses a fixed size 1024 byte buffer
for storing the option values. If a value exceeded this size it was
silently truncated and no error reported to the user. Long option values
is not a common scenario, but it is conceivable that they will happen.
eg if the user has a very deeply nested filesystem it would be possible
to come up with a disk path that was > 1024 bytes. Most of the time if
such data was silently truncated, the user would get an error about
opening a non-existant disk. If they're unlucky though, QEMU might use a
completely different disk image from another VM, which could be
considered a security issue. Another example program was in using the
-smbios command line arg with very large data blobs. In this case the
silent truncation will be providing semantically incorrect data to the
guest OS for SMBIOS tables.

If the operating system didn't limit the user's argv when spawning QEMU,
the code should honour whatever length arguments were given without
imposing its own length restrictions. This patch thus changes the code
to use a heap allocated buffer for storing the values during parsing,
lifting the arbitrary length restriction.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20180416111743.8473-4-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-05-09 00:13:39 +02:00
..
acl.c
aio-posix.c async: use ARRAY_SIZE macro 2018-02-10 10:43:18 +03:00
aio-wait.c block: make BDRV_POLL_WHILE() re-entrancy safe 2018-03-12 11:07:37 +00:00
aio-win32.c iothread: fix breakage on windows 2018-03-26 14:37:15 +02:00
aiocb.c
async.c
base64.c
bitmap.c
bitops.c
buffer.c
bufferiszero.c
cacheinfo.c
compatfd.c
coroutine-sigaltstack.c
coroutine-ucontext.c build: try improve handling of clang warnings 2018-03-12 08:59:03 +01:00
coroutine-win32.c
crc32c.c
cutils.c cutils: add qemu_strtoi & qemu_strtoui parsers for int/unsigned int types 2018-03-13 18:06:05 +00:00
envlist.c
error.c
event_notifier-posix.c Revert "qemu: add a cleanup callback function to EventNotifier" 2018-01-24 19:20:19 +02:00
event_notifier-win32.c Revert "qemu: add a cleanup callback function to EventNotifier" 2018-01-24 19:20:19 +02:00
fifo8.c
getauxval.c
hbitmap.c hbitmap: fix missing restore count when finish deserialization 2018-02-07 11:35:49 -05:00
hexdump.c
host-utils.c
id.c
iohandler.c
iov.c
keyval.c qobject: Replace qobject_incref/QINCREF qobject_decref/QDECREF 2018-05-04 08:27:53 +02:00
lockcnt.c
log.c
main-loop.c replay: push replay_mutex_lock up the call tree 2018-03-12 17:10:36 +01:00
Makefile.objs membarrier: add --enable-membarrier 2018-03-12 16:12:47 +01:00
memfd.c memfd: fix vhost-user-test on non-memfd capable host 2018-04-09 12:57:06 +02:00
mmap-alloc.c Make qemu_mempath_getpagesize() accept NULL 2018-04-27 18:05:22 +10:00
module.c
notify.c
osdep.c osdep: Retry SETLK upon EINTR 2018-01-23 12:33:07 +01:00
oslib-posix.c mem: add share parameter to memory-backend-ram 2018-02-19 13:03:24 +02:00
oslib-win32.c mem: add share parameter to memory-backend-ram 2018-02-19 13:03:24 +02:00
pagesize.c
path.c
qdist.c
qemu-config.c qobject: Replace qobject_incref/QINCREF qobject_decref/QDECREF 2018-05-04 08:27:53 +02:00
qemu-coroutine-io.c
qemu-coroutine-lock.c coroutine: avoid co_queue_wakeup recursion 2018-03-27 13:05:28 +01:00
qemu-coroutine-sleep.c coroutine: simplify co_aio_sleep_ns() prototype 2017-12-19 09:25:27 +00:00
qemu-coroutine.c coroutine: avoid co_queue_wakeup recursion 2018-03-27 13:05:28 +01:00
qemu-error.c
qemu-openpty.c
qemu-option.c opts: don't silently truncate long option values 2018-05-09 00:13:39 +02:00
qemu-progress.c
qemu-sockets.c sockets: allow SocketAddress 'fd' to reference numeric file descriptors 2018-03-13 18:06:06 +00:00
qemu-thread-posix.c qemu-thread: always keep the posix wrapper layer 2018-05-09 00:13:38 +02:00
qemu-thread-win32.c util/qemu-thread-*: add qemu_lock, locked and unlock trace events 2018-01-16 14:54:52 +01:00
qemu-timer-common.c
qemu-timer.c replay: save prior value of the host clock 2018-03-12 16:12:50 +01:00
qht.c
range.c
rcu.c membarrier: introduce qemu/sys_membarrier.h 2018-03-12 16:12:47 +01:00
readline.c readline: don't free completions in readline_free() 2018-02-05 13:54:39 +01:00
stats64.c
sys_membarrier.c sys_membarrier: fix up include directives 2018-04-05 14:37:38 +02:00
systemd.c
thread-pool.c
throttle.c
timed-average.c
trace-events util: Introduce vfio helpers 2018-02-08 09:22:03 +08:00
unicode.c
uri.c util/uri.c: wrap single statement blocks with braces {} 2018-03-05 09:03:17 +00:00
uuid.c util: add is_equal to UUID API 2017-12-20 22:01:24 +08:00
vfio-helpers.c block/nvme: fix Coverity reports 2018-03-01 15:21:46 +08:00