diff --git a/devicemodel/hw/block_if.c b/devicemodel/hw/block_if.c index 130262c56..76001108f 100644 --- a/devicemodel/hw/block_if.c +++ b/devicemodel/hw/block_if.c @@ -45,6 +45,7 @@ #include "dm.h" #include "block_if.h" #include "ahci.h" +#include "dm_string.h" /* * Notes: @@ -429,8 +430,11 @@ blockif_open(const char *optstr, const char *ident) fd = -1; ssopt = 0; + pssopt = 0; ro = 0; sub_file_assign = 0; + sub_file_start_lba = 0; + sub_file_size = 0; /* writethru is on by default */ writeback = 0; @@ -454,14 +458,30 @@ blockif_open(const char *optstr, const char *ident) writeback = 0; else if (!strcmp(cp, "ro")) ro = 1; - else if (sscanf(cp, "sectorsize=%d/%d", &ssopt, &pssopt) == 2) - ; - else if (sscanf(cp, "sectorsize=%d", &ssopt) == 1) - pssopt = ssopt; - else if (sscanf(cp, "range=%ld/%ld", &sub_file_start_lba, - &sub_file_size) == 2) - sub_file_assign = 1; - else { + else if (!strncmp(cp, "sectorsize", strlen("sectorsize"))) { + /* + * sectorsize= + * or + * sectorsize=/ + */ + if (strsep(&cp, "=") && !dm_strtoi(cp, &cp, 10, &ssopt)) { + pssopt = ssopt; + if (*cp == '/' && + dm_strtoi(cp + 1, &cp, 10, &pssopt) < 0) + goto err; + } else { + goto err; + } + } else if (!strncmp(cp, "range", strlen("range"))) { + /* range=/ */ + if (strsep(&cp, "=") && + !dm_strtol(cp, &cp, 10, &sub_file_start_lba) && + *cp == '/' && + !dm_strtol(cp + 1, &cp, 10, &sub_file_size)) + sub_file_assign = 1; + else + goto err; + } else { fprintf(stderr, "Invalid device option \"%s\"\n", cp); goto err; } @@ -610,8 +630,11 @@ blockif_open(const char *optstr, const char *ident) } for (i = 0; i < BLOCKIF_NUMTHR; i++) { + if (snprintf(tname, sizeof(tname), "blk-%s-%d", + ident, i) >= sizeof(tname)) { + perror("blk thread name too long"); + } pthread_create(&bc->btid[i], NULL, blockif_thr, bc); - snprintf(tname, sizeof(tname), "blk-%s-%d", ident, i); pthread_setname_np(bc->btid[i], tname); } diff --git a/devicemodel/hw/pci/virtio/virtio_block.c b/devicemodel/hw/pci/virtio/virtio_block.c index 152e7a968..beb0c4162 100644 --- a/devicemodel/hw/pci/virtio/virtio_block.c +++ b/devicemodel/hw/pci/virtio/virtio_block.c @@ -41,6 +41,7 @@ #include "block_if.h" #define VIRTIO_BLK_RINGSZ 64 +#define VIRTIO_BLK_MAX_OPTS_LEN 256 #define VIRTIO_BLK_S_OK 0 #define VIRTIO_BLK_S_IOERR 1 @@ -338,7 +339,10 @@ virtio_blk_init(struct vmctx *ctx, struct pci_vdev *dev, char *opts) /* * The supplied backing file has to exist */ - snprintf(bident, sizeof(bident), "%d:%d", dev->slot, dev->func); + if (snprintf(bident, sizeof(bident), "%d:%d", + dev->slot, dev->func) >= sizeof(bident)) { + WPRINTF(("bident error, please check slot and func\n")); + } bctxt = blockif_open(opts, bident); if (bctxt == NULL) { perror("Could not open backing file"); @@ -391,10 +395,14 @@ virtio_blk_init(struct vmctx *ctx, struct pci_vdev *dev, char *opts) * md5 sum of the filename */ MD5_Init(&mdctx); - MD5_Update(&mdctx, opts, strlen(opts)); + MD5_Update(&mdctx, opts, strnlen(opts, VIRTIO_BLK_MAX_OPTS_LEN)); MD5_Final(digest, &mdctx); - sprintf(blk->ident, "ACRN--%02X%02X-%02X%02X-%02X%02X", - digest[0], digest[1], digest[2], digest[3], digest[4], digest[5]); + if (snprintf(blk->ident, sizeof(blk->ident), + "ACRN--%02X%02X-%02X%02X-%02X%02X", digest[0], + digest[1], digest[2], digest[3], digest[4], + digest[5]) >= sizeof(blk->ident)) { + WPRINTF(("virtio_blk: block ident too long\n")); + } /* setup virtio block config space */ blk->cfg.capacity = size / DEV_BSIZE; /* 512-byte units */