From patchwork Thu Nov 15 09:04:23 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Li Qiang X-Patchwork-Id: 998190 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=nongnu.org (client-ip=2001:4830:134:3::11; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="JopnWlp0"; dkim-atps=neutral Received: from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 42wb8G1yQgz9s3x for ; Thu, 15 Nov 2018 20:06:38 +1100 (AEDT) Received: from localhost ([::1]:37537 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gNDbf-0006JM-QM for incoming@patchwork.ozlabs.org; Thu, 15 Nov 2018 04:06:35 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:59433) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gNDa0-0005Xf-N4 for qemu-devel@nongnu.org; Thu, 15 Nov 2018 04:04:58 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gNDZt-0006vg-Of for qemu-devel@nongnu.org; Thu, 15 Nov 2018 04:04:50 -0500 Received: from mail-pg1-x542.google.com ([2607:f8b0:4864:20::542]:41659) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1gNDZn-0006py-WF for qemu-devel@nongnu.org; Thu, 15 Nov 2018 04:04:41 -0500 Received: by mail-pg1-x542.google.com with SMTP id 70so8714335pgh.8 for ; Thu, 15 Nov 2018 01:04:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=taYdE0q7AHKuNv3JdgyLWUdB2yWLTr44y22325FIS6A=; b=JopnWlp0ozDpPtCCdO14rV9T7Wpxn7TKu6eClvjAwcbEvrFUUXuszigcAw71EIVouN 46022CiNX3Asxi8i/jc8Bja4BOBQp4HjlBfWt0i9DzujAXn0i9TrR3x2eg2TyfGzVKyK 0Fs4kqlExkl6cGGhKVcBO0VTtnjtpo17e3FvyVydB3ngBnv8O+I4DstZGt5Dp7Z7DXDe tc0YbBnVNtkHvkq1zm1sP9GrodjGXKGSE6ERLi7CyOJTovbFs07G7b03xZsclFvpo+FZ HMoeWBmxWo/sgSH++2q/bJsWaIJy4ziEMFw68GiDw9Nqi3ArlWdlrgGvk5w+vpaYJut+ Kimg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=taYdE0q7AHKuNv3JdgyLWUdB2yWLTr44y22325FIS6A=; b=SIZCd3zNSYKuBWnlqbl1oq+lryTE9766d134Q6xdBT9Zf9yChX448s0R0Gn/mY+Hgq c9SVKixFugRlYDhhcO3MId/TvOtKSlsUQ920XXU0BXwu2iVANTBux2tQ8k5iHm8Eq2lQ 7tq8VHRW9k3oT9qfNpLVOnyH/WB5TS3jVJsPi5F20o+Jp0F7tVV018GMeMOfM8lPzEME UjKm1ctdSQ5eGvocdVDw5JkgndWbi25QbXk8IHb72AXQZzH4HOOCmXbxdLnZy3v77bmp CbVirjCdox8XdK826BrR7QGfDxjI9Lci9yiWQ3AhEgLA8TgsPet0QNKvts6CRqgVKNPq HbBg== X-Gm-Message-State: AGRZ1gJ1TEbDm1sGYsnMl9NjvvlJoJ/CYAUetEpslXDQf6a0m/1Ld9AF 9gwHXgldPGEkSFxq1C7mNqg= X-Google-Smtp-Source: AJdET5fC70ZaKt/fhqZVKZMU9fpV2IQQ/KDTtHAX9vb2IPjUYBCVVZiy+LEOj6ajzQ+U263qJ+XIOg== X-Received: by 2002:a63:d904:: with SMTP id r4mr5028860pgg.207.1542272669415; Thu, 15 Nov 2018 01:04:29 -0800 (PST) Received: from localhost.localdomain.localdomain ([103.65.40.100]) by smtp.gmail.com with ESMTPSA id e86sm4172034pfb.6.2018.11.15.01.04.27 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 15 Nov 2018 01:04:28 -0800 (PST) From: Li Qiang To: kraxel@redhat.com Date: Thu, 15 Nov 2018 01:04:23 -0800 Message-Id: <1542272663-6619-1-git-send-email-liq3ea@gmail.com> X-Mailer: git-send-email 1.8.3.1 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2607:f8b0:4864:20::542 Subject: [Qemu-devel] [PATCH] keymaps: detect recursive keyboard layout file X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Li Qiang , qemu-devel@nongnu.org Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" When the parse_keyboard_layout() find a "include " line in the keyboard layout file, it will call parse_keyboard_layout() to perform a recursive parse. If the keyboard layout is malformed by adding a line include itself, this can cause an infinite parse. Thus cause qemu a segv. This patch avoid this. Signed-off-by: Li Qiang --- ui/keymaps.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/ui/keymaps.c b/ui/keymaps.c index 085889b555..564893a9f3 100644 --- a/ui/keymaps.c +++ b/ui/keymaps.c @@ -38,6 +38,8 @@ struct kbd_layout_t { GHashTable *hash; }; +GList *keyboard_files; + static int get_keysym(const name2keysym_t *table, const char *name) { @@ -80,6 +82,11 @@ static void add_keysym(char *line, int keysym, int keycode, kbd_layout_t *k) trace_keymap_add(keysym, keycode, line); } +static gint compare_string(gconstpointer a, gconstpointer b) +{ + return g_strcmp0(a, b); +} + static int parse_keyboard_layout(kbd_layout_t *k, const name2keysym_t *table, const char *language, Error **errp) @@ -94,12 +101,18 @@ static int parse_keyboard_layout(kbd_layout_t *k, filename = qemu_find_file(QEMU_FILE_TYPE_KEYMAP, language); trace_keymap_parse(filename); f = filename ? fopen(filename, "r") : NULL; - g_free(filename); if (!f) { + g_free(filename); error_setg(errp, "could not read keymap file: '%s'", language); return -1; } + if (g_list_find_custom(keyboard_files, filename, compare_string)) { + error_setg(errp, "find recursive keyboard layout: %s'", filename); + g_free(filename); + return -1; + } + keyboard_files = g_list_append(keyboard_files, filename); for(;;) { if (fgets(line, 1024, f) == NULL) { break; @@ -168,6 +181,8 @@ static int parse_keyboard_layout(kbd_layout_t *k, ret = 0; out: fclose(f); + keyboard_files = g_list_remove(keyboard_files, filename); + g_free(filename); return ret; }