On Mon, 12 Mar 2018 10:01:46 +0100 Greg Kurz <gr...@kaod.org> wrote: > On Sun, 11 Mar 2018 20:12:39 +0000 > Nia Alarie <nia.ala...@gmail.com> wrote: > > > Signed-off-by: Nia Alarie <nia.ala...@gmail.com> > > --- > > Applied, thanks. >
Following Eric's suggestion in another mail, let's give a chance for the new qemu_strto*() helpers to reach master. Also, FIDs are unsigned 32-bit integers, so we should use a qemu_strtou*() variant. > > hw/9pfs/9p.c | 12 ++++++++++-- > > 1 file changed, 10 insertions(+), 2 deletions(-) > > > > diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c > > index 48fa48e720..64f3bb976c 100644 > > --- a/hw/9pfs/9p.c > > +++ b/hw/9pfs/9p.c > > @@ -15,6 +15,7 @@ > > #include <glib/gprintf.h> > > #include "hw/virtio/virtio.h" > > #include "qapi/error.h" > > +#include "qemu/cutils.h" > > #include "qemu/error-report.h" > > #include "qemu/iov.h" > > #include "qemu/sockets.h" > > @@ -2213,8 +2214,15 @@ static void coroutine_fn v9fs_create(void *opaque) > > } > > v9fs_path_copy(&fidp->path, &path); > > } else if (perm & P9_STAT_MODE_LINK) { > > - int32_t ofid = atoi(extension.data); > > - V9fsFidState *ofidp = get_fid(pdu, ofid); > > + long ofid; > > + V9fsFidState *ofidp; > > + > > + if (qemu_strtol(extension.data, NULL, 10, &ofid) || > > + ofid > INT32_MAX || ofid < INT32_MIN) { > > + err = -EINVAL; > > + goto out; > > + } > > + ofidp = get_fid(pdu, (int32_t)ofid); > > if (ofidp == NULL) { > > err = -EINVAL; > > goto out; > >