dm: storage: banned functions replace

1. replace sscanf with string API. 2. replace sprintf with snprintf 3. replace strlen with strnlen Tracked-on: #1496 Signed-off-by: Conghui Chen <conghui.chen@intel.com> Reviewed-by: Shuo Liu <shuo.a.liu@intel.com> Acked-by: Yin Fengwei <fengwei.yin@intel.com>
2025-05-29 10:24:50 +00:00 · 2018-10-18 07:26:01 +08:00 · 2018-10-18 07:26:01 +08:00 · 21458bddff
commit 21458bddff
parent e1dab512c2
2 changed files with 44 additions and 13 deletions
--- a/devicemodel/hw/block_if.c
+++ b/devicemodel/hw/block_if.c
@ -45,6 +45,7 @@
 #include "dm.h"
 #include "block_if.h"
 #include "ahci.h"
+#include "dm_string.h"

 /*
 * Notes:
@ -429,8 +430,11 @@ blockif_open(const char *optstr, const char *ident)

 	fd = -1;
 	ssopt = 0;
+	pssopt = 0;
 	ro = 0;
 	sub_file_assign = 0;
+	sub_file_start_lba = 0;
+	sub_file_size = 0;

 	/* writethru is on by default */
 	writeback = 0;
@ -454,14 +458,30 @@ blockif_open(const char *optstr, const char *ident)
 			writeback = 0;
 		else if (!strcmp(cp, "ro"))
 			ro = 1;
-		else if (sscanf(cp, "sectorsize=%d/%d", &ssopt, &pssopt) == 2)
-			;
-		else if (sscanf(cp, "sectorsize=%d", &ssopt) == 1)
+		else if (!strncmp(cp, "sectorsize", strlen("sectorsize"))) {
+			/*
+			 *  sectorsize=<sector size>
+			 * or
+			 *  sectorsize=<sector size>/<physical sector size>
+			 */
+			if (strsep(&cp, "=") && !dm_strtoi(cp, &cp, 10, &ssopt)) {
 				pssopt = ssopt;
-		else if (sscanf(cp, "range=%ld/%ld", &sub_file_start_lba,
-				&sub_file_size) == 2)
+				if (*cp == '/' &&
+					dm_strtoi(cp + 1, &cp, 10, &pssopt) < 0)
+					goto err;
+			} else {
+				goto err;
+			}
+		} else if (!strncmp(cp, "range", strlen("range"))) {
+			/* range=<start lba>/<subfile size> */
+			if (strsep(&cp, "=") &&
+				!dm_strtol(cp, &cp, 10, &sub_file_start_lba) &&
+				*cp == '/' &&
+				!dm_strtol(cp + 1, &cp, 10, &sub_file_size))
 				sub_file_assign = 1;
-		else {
+			else
+				goto err;
+		} else {
 			fprintf(stderr, "Invalid device option \"%s\"\n", cp);
 			goto err;
 		}
@ -610,8 +630,11 @@ blockif_open(const char *optstr, const char *ident)
 	}

 	for (i = 0; i < BLOCKIF_NUMTHR; i++) {
+		if (snprintf(tname, sizeof(tname), "blk-%s-%d",
+					ident, i) >= sizeof(tname)) {
+			perror("blk thread name too long");
+		}
 		pthread_create(&bc->btid[i], NULL, blockif_thr, bc);
-		snprintf(tname, sizeof(tname), "blk-%s-%d", ident, i);
 		pthread_setname_np(bc->btid[i], tname);
 	}

--- a/devicemodel/hw/pci/virtio/virtio_block.c
+++ b/devicemodel/hw/pci/virtio/virtio_block.c
@ -41,6 +41,7 @@
 #include "block_if.h"

 #define VIRTIO_BLK_RINGSZ	64
+#define VIRTIO_BLK_MAX_OPTS_LEN	256

 #define VIRTIO_BLK_S_OK	0
 #define VIRTIO_BLK_S_IOERR	1
@ -338,7 +339,10 @@ virtio_blk_init(struct vmctx *ctx, struct pci_vdev *dev, char *opts)
 	/*
 	 * The supplied backing file has to exist
 	 */
-	snprintf(bident, sizeof(bident), "%d:%d", dev->slot, dev->func);
+	if (snprintf(bident, sizeof(bident), "%d:%d",
+				dev->slot, dev->func) >= sizeof(bident)) {
+		WPRINTF(("bident error, please check slot and func\n"));
+	}
 	bctxt = blockif_open(opts, bident);
 	if (bctxt == NULL) {
 		perror("Could not open backing file");
@ -391,10 +395,14 @@ virtio_blk_init(struct vmctx *ctx, struct pci_vdev *dev, char *opts)
 	 * md5 sum of the filename
 	 */
 	MD5_Init(&mdctx);
-	MD5_Update(&mdctx, opts, strlen(opts));
+	MD5_Update(&mdctx, opts, strnlen(opts, VIRTIO_BLK_MAX_OPTS_LEN));
 	MD5_Final(digest, &mdctx);
-	sprintf(blk->ident, "ACRN--%02X%02X-%02X%02X-%02X%02X",
-	    digest[0], digest[1], digest[2], digest[3], digest[4], digest[5]);
+	if (snprintf(blk->ident, sizeof(blk->ident),
+		"ACRN--%02X%02X-%02X%02X-%02X%02X", digest[0],
+		digest[1], digest[2], digest[3], digest[4],
+		digest[5]) >= sizeof(blk->ident)) {
+		WPRINTF(("virtio_blk: block ident too long\n"));
+	}

 	/* setup virtio block config space */
 	blk->cfg.capacity = size / DEV_BSIZE; /* 512-byte units */