[4/4] Strict XenStore entry parsing
Commit Message
This uses the newly-introduced strict version of sscanf().
Signed-off-by: Demi Marie Obenour <demi@invisiblethingslab.com>
---
drivers/xen/xenbus/xenbus_xs.c | 19 +++++++++++++------
1 file changed, 13 insertions(+), 6 deletions(-)
Comments
On Fri, Jun 09, 2023 at 10:57:59PM -0400, Demi Marie Obenour wrote:
> This uses the newly-introduced strict version of sscanf().
I can see that. Why does it do that?
Documentation/process/5.Posting.rst
(in general, there is a lack of detail across all four of these patches
justifying why any of this work is being done. it isn't obvious to me
why skipping leading whitespace is bad in this context)
@@ -569,16 +569,20 @@ int xenbus_scanf(struct xenbus_transaction t,
const char *dir, const char *node, const char *fmt, ...)
{
va_list ap;
- int ret;
+ int ret = 0;
+ unsigned int len;
char *val;
- val = xenbus_read(t, dir, node, NULL);
+ val = xenbus_read(t, dir, node, &len);
if (IS_ERR(val))
return PTR_ERR(val);
+ if (strlen(val) != len)
+ goto bad;
va_start(ap, fmt);
- ret = vsscanf(val, fmt, ap);
+ ret = vsscanf_strict(val, fmt, ap);
va_end(ap);
+bad:
kfree(val);
/* Distinctive errno. */
if (ret == 0)
@@ -636,15 +640,18 @@ int xenbus_gather(struct xenbus_transaction t, const char *dir, ...)
while (ret == 0 && (name = va_arg(ap, char *)) != NULL) {
const char *fmt = va_arg(ap, char *);
void *result = va_arg(ap, void *);
+ unsigned len;
char *p;
- p = xenbus_read(t, dir, name, NULL);
+ p = xenbus_read(t, dir, name, &len);
if (IS_ERR(p)) {
ret = PTR_ERR(p);
break;
}
- if (fmt) {
- if (sscanf(p, fmt, result) == 0)
+ if (strlen(p) != len)
+ ret = -EINVAL;
+ else if (fmt) {
+ if (sscanf_strict(p, fmt, result) <= 0)
ret = -EINVAL;
kfree(p);
} else