Message ID | 20230109190321.1056914-3-armbru@redhat.com |
---|---|
State | New |
Headers | show |
Series | ui: Move and clean up monitor command code | expand |
On 9/1/23 20:03, Markus Armbruster wrote: > Keys are int. HMP sendkey assigns them from the value strtoul(), > silently truncating values greater than INT_MAX. Fix to reject them. > > Signed-off-by: Markus Armbruster <armbru@redhat.com> > Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> > --- > monitor/hmp-cmds.c | 8 ++++++-- > 1 file changed, 6 insertions(+), 2 deletions(-) Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
diff --git a/monitor/hmp-cmds.c b/monitor/hmp-cmds.c index ed78a87ddd..9947ff0b45 100644 --- a/monitor/hmp-cmds.c +++ b/monitor/hmp-cmds.c @@ -1549,8 +1549,12 @@ void hmp_sendkey(Monitor *mon, const QDict *qdict) v = g_malloc0(sizeof(*v)); if (strstart(keys, "0x", NULL)) { - char *endp; - int value = strtoul(keys, &endp, 0); + const char *endp; + int value; + + if (qemu_strtoi(keys, &endp, 0, &value) < 0) { + goto err_out; + } assert(endp <= keys + keyname_len); if (endp != keys + keyname_len) { goto err_out;