diff options
author | Daniel P. Berrange <berrange@redhat.com> | 2015-11-23 15:37:07 +0000 |
---|---|---|
committer | Daniel P. Berrange <berrange@redhat.com> | 2015-12-18 16:25:08 +0000 |
commit | 920639cab0fe28d003c90b53bd8b66e8fb333bdd (patch) | |
tree | 6140738c5da2a22c018f9e24c3303c85235ba551 /qga | |
parent | e9cf2fe07ff70e939f80c624b44c10a4442eef0b (diff) | |
download | qemu-920639cab0fe28d003c90b53bd8b66e8fb333bdd.tar.gz qemu-920639cab0fe28d003c90b53bd8b66e8fb333bdd.tar.bz2 qemu-920639cab0fe28d003c90b53bd8b66e8fb333bdd.zip |
qga: convert to use error checked base64 decode
Switch from using g_base64_decode over to qbase64_decode
in order to get error checking of the base64 input data.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Diffstat (limited to 'qga')
-rw-r--r-- | qga/commands-posix.c | 11 | ||||
-rw-r--r-- | qga/commands-win32.c | 11 | ||||
-rw-r--r-- | qga/commands.c | 13 |
3 files changed, 30 insertions, 5 deletions
diff --git a/qga/commands-posix.c b/qga/commands-posix.c index c2ff97021f..8fe708f001 100644 --- a/qga/commands-posix.c +++ b/qga/commands-posix.c @@ -29,6 +29,7 @@ #include "qemu/queue.h" #include "qemu/host-utils.h" #include "qemu/sockets.h" +#include "qemu/base64.h" #ifndef CONFIG_HAS_ENVIRON #ifdef __APPLE__ @@ -525,7 +526,10 @@ GuestFileWrite *qmp_guest_file_write(int64_t handle, const char *buf_b64, gfh->state = RW_STATE_NEW; } - buf = g_base64_decode(buf_b64, &buf_len); + buf = qbase64_decode(buf_b64, -1, &buf_len, errp); + if (!buf) { + return NULL; + } if (!has_count) { count = buf_len; @@ -1963,7 +1967,10 @@ void qmp_guest_set_user_password(const char *username, char *chpasswddata = NULL; size_t chpasswdlen; - rawpasswddata = (char *)g_base64_decode(password, &rawpasswdlen); + rawpasswddata = (char *)qbase64_decode(password, -1, &rawpasswdlen, errp); + if (!rawpasswddata) { + return; + } rawpasswddata = g_renew(char, rawpasswddata, rawpasswdlen + 1); rawpasswddata[rawpasswdlen] = '\0'; diff --git a/qga/commands-win32.c b/qga/commands-win32.c index 0654fe4fe7..61ffbdf1ee 100644 --- a/qga/commands-win32.c +++ b/qga/commands-win32.c @@ -34,6 +34,7 @@ #include "qapi/qmp/qerror.h" #include "qemu/queue.h" #include "qemu/host-utils.h" +#include "qemu/base64.h" #ifndef SHTDN_REASON_FLAG_PLANNED #define SHTDN_REASON_FLAG_PLANNED 0x80000000 @@ -357,7 +358,10 @@ GuestFileWrite *qmp_guest_file_write(int64_t handle, const char *buf_b64, return NULL; } fh = gfh->fh; - buf = g_base64_decode(buf_b64, &buf_len); + buf = qbase64_decode(buf_b64, -1, &buf_len, errp); + if (!buf) { + return NULL; + } if (!has_count) { count = buf_len; @@ -1294,7 +1298,10 @@ void qmp_guest_set_user_password(const char *username, return; } - rawpasswddata = (char *)g_base64_decode(password, &rawpasswdlen); + rawpasswddata = (char *)qbase64_decode(password, -1, &rawpasswdlen, errp); + if (!rawpasswddata) { + return; + } rawpasswddata = g_renew(char, rawpasswddata, rawpasswdlen + 1); rawpasswddata[rawpasswdlen] = '\0'; diff --git a/qga/commands.c b/qga/commands.c index bb73e7dfbf..58568d8452 100644 --- a/qga/commands.c +++ b/qga/commands.c @@ -14,6 +14,7 @@ #include "qga/guest-agent-core.h" #include "qga-qmp-commands.h" #include "qapi/qmp/qerror.h" +#include "qemu/base64.h" /* Maximum captured guest-exec out_data/err_data - 16MB */ #define GUEST_EXEC_MAX_OUTPUT (16*1024*1024) @@ -393,10 +394,19 @@ GuestExec *qmp_guest_exec(const char *path, GIOChannel *in_ch, *out_ch, *err_ch; GSpawnFlags flags; bool has_output = (has_capture_output && capture_output); + uint8_t *input = NULL; + size_t ninput = 0; arglist.value = (char *)path; arglist.next = has_arg ? arg : NULL; + if (has_input_data) { + input = qbase64_decode(input_data, -1, &ninput, err); + if (!input) { + return NULL; + } + } + argv = guest_exec_get_args(&arglist, true); envp = has_env ? guest_exec_get_args(env, false) : NULL; @@ -425,7 +435,8 @@ GuestExec *qmp_guest_exec(const char *path, g_child_watch_add(pid, guest_exec_child_watch, gei); if (has_input_data) { - gei->in.data = g_base64_decode(input_data, &gei->in.size); + gei->in.data = input; + gei->in.size = ninput; #ifdef G_OS_WIN32 in_ch = g_io_channel_win32_new_fd(in_fd); #else |