On Mon, Jun 14, 2021 at 14:30:26 +0200, Michal Prívozník wrote:
On 6/14/21 2:26 PM, Peter Krempa wrote:
On Mon, Jun 14, 2021 at 14:14:47 +0200, Michal Prívozník wrote:
On 6/14/21 1:31 PM, Tim Wiederhake wrote:
On Mon, 2021-06-14 at 13:06 +0200, Michal Privoznik wrote:
In a few occasions in tests we pass INT_MAX to virFileReadLimFD(). This is not safe because virFileReadAll() will call virFileReadLimFD() under the hood which takes the limit and adds 1 to it.
Calling virFileReadAll with "INT_MAX - 1" looks funny. Is it possible to check for "maxlen >= INT_MAX" in virFileReadLimFD instead?
Actually, I don't understand why we need to add 1 in the first place. I'll push the other two patches and send v2 for this that removes the +1.
It's so that it guarantees that a file of 'maxlen' length is read completely and the terminating '\0' is in the resulting string.
Removing the '+ 1' would change this kind of semantics, which may require audit of all callers.
I'm not sure that's correct behaviour. I mean, if I specify that the limit should be X, then at the most X bytes should be read, not X+1.
Also, virFileReadLimFD() uses saferead_lim() which upon successful return makes sure the returned string is properly terminated.
saferead_lim indeed terminates the string properly. virFileReadLimFD uses the '+ 1' to see whether there are exactly "maxlen" chars in the file or potentially more than that. That's why it actually reads 1 more than the requested maximum. Whether that makes sense is obviously questionable and will require audit of all callers