Xen devel - Jul 2006 - [PATCH] Uninitialized ifname can cause qemu to quit

Uninitialized ifname can cause qemu to quit.  If the first character of the
if name is not \0, qemu will think it''s a valid ifname and configure
/dev/net/tun to use it.  The configuration fails and qemu exits.

Patch is attached.

Steve D.

(See attached file: qemu-ifname.patch)

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Posting an updated version of the patch (fix the #ifdef _WIN32 case, as
well), this time with a signed-off-by line.

Signed-off-by: Steve Dobbelstein <steved@us.ibm.com>

--------------------------

Uninitialized ifname can cause qemu to quit.  If the first character of the
ifname is not \0, qemu will think that the junk in ifname is valid and
will configure /dev/net/tun to use it.  The configuration fails and qemu
exits.

--- a/tools/ioemu/vl.c  2006-07-17 10:25:07.000000000 -0500
+++ b/tools/ioemu/vl.c  2006-07-26 09:43:32.000000000 -0500
@@ -3266,6 +3266,7 @@
 #ifdef _WIN32
     if (!strcmp(device, "tap")) {
         char ifname[64];
+        ifname[0] = ''\0'';
         if (get_param_value(ifname, sizeof(ifname), "ifname", p)
<= 0) {
             fprintf(stderr, "tap: no interface name\n");
             return -1;
@@ -3278,6 +3279,7 @@
         char setup_script[1024];
         char bridge[16];
         int fd;
+        ifname[0] = setup_script[0] = bridge[0] = ''\0'';
         if (get_param_value(buf, sizeof(buf), "fd", p) > 0) {
             fd = strtol(buf, NULL, 0);
             ret = -1;

(See attached file: qemu-ifname.patch)

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

On 7/26/06, Steve Dobbelstein <steved@us.ibm.com>
wrote:
>
> Posting an updated version of the patch (fix the #ifdef _WIN32 case, as
> well), this time with a signed-off-by line.
I''ve applied a subset of this patch.  The _WIN32 code is already
correct and script/bridge missing is already handled correctly.

    christian
>
> Signed-off-by: Steve Dobbelstein <steved@us.ibm.com>
>
> --------------------------
>
> Uninitialized ifname can cause qemu to quit.  If the first character of the
> ifname is not \0, qemu will think that the junk in ifname is valid and
> will configure /dev/net/tun to use it.  The configuration fails and qemu
> exits.
>
> --- a/tools/ioemu/vl.c  2006-07-17 10:25:07.000000000 -0500
> +++ b/tools/ioemu/vl.c  2006-07-26 09:43:32.000000000 -0500
> @@ -3266,6 +3266,7 @@
>  #ifdef _WIN32
>      if (!strcmp(device, "tap")) {
>          char ifname[64];
> +        ifname[0] = ''\0'';
>          if (get_param_value(ifname, sizeof(ifname), "ifname", p)
<= 0) {
>              fprintf(stderr, "tap: no interface name\n");
>              return -1;
> @@ -3278,6 +3279,7 @@
>          char setup_script[1024];
>          char bridge[16];
>          int fd;
> +        ifname[0] = setup_script[0] = bridge[0] = ''\0'';
>          if (get_param_value(buf, sizeof(buf), "fd", p) > 0) {
>              fd = strtol(buf, NULL, 0);
>              ret = -1;
>
> (See attached file: qemu-ifname.patch)
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xensource.com
> http://lists.xensource.com/xen-devel
>
>
>
>
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel