Re: [libvirt] [PATCH 1/2] virsh: check if domiftune parameters fit into UINT

We parse the bandwidth rates as unsinged long long, then try to fit them in VIR_TYPED_PARAM_UINT. Report an error if they exceed UINT_MAX instead of quietly using wrong values. https://bugzilla.redhat.com/show_bug.cgi?id=1043735 --- tools/virsh-domain.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c index ad68aab..f7193cb 100644 --- a/tools/virsh-domain.c +++ b/tools/virsh-domain.c @@ -2686,6 +2686,14 @@ cmdDomIftune(vshControl *ctl, const vshCmd *cmd) vshError(ctl, _("inbound format is incorrect")); goto cleanup; }

+ /* we parse the rate as unsigned long long, but the API + * only accepts UINT */ + if (inbound.average > UINT_MAX || inbound.peak > UINT_MAX || + inbound.burst > UINT_MAX) { + vshError(ctl, _("inbound rate larger than maximum %u"), + UINT_MAX); + goto cleanup; + } if (inbound.average == 0 && (inbound.burst || inbound.peak)) { vshError(ctl, _("inbound average is mandatory")); goto cleanup; @@ -2714,6 +2722,12 @@ cmdDomIftune(vshControl *ctl, const vshCmd *cmd) vshError(ctl, _("outbound format is incorrect")); goto cleanup; } + if (outbound.average > UINT_MAX || outbound.peak > UINT_MAX || + outbound.burst > UINT_MAX) { + vshError(ctl, _("outbound rate larger than maximum %u"), + UINT_MAX); + goto cleanup; + } if (outbound.average == 0 && (outbound.burst || outbound.peak)) { vshError(ctl, _("outbound average is mandatory")); goto cleanup;