Browse Source

qemu-bridge-helper: Fix misuse of isspace()

parse_acl_file() passes char values to isspace().  Undefined behavior
when the value is negative.  Not a security issue, because the
characters come from trusted $prefix/etc/qemu/bridge.conf and the
files it includes.

Furthermore, isspace()'s locale-dependence means qemu-bridge-helper
uses the user's locale for parsing $prefix/etc/bridge.conf.  Feels
wrong.

Use g_ascii_isspace() instead.  This fixes the undefined behavior, and
makes parsing of $prefix/etc/bridge.conf locale-independent.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190514180311.16028-2-armbru@redhat.com>
tags/v4.1.0-rc0
Markus Armbruster 3 months ago
parent
commit
b8c3511d08
1 changed files with 3 additions and 3 deletions
  1. 3
    3
      qemu-bridge-helper.c

+ 3
- 3
qemu-bridge-helper.c View File

@@ -75,7 +75,7 @@ static int parse_acl_file(const char *filename, ACLList *acl_list)
char *ptr = line;
char *cmd, *arg, *argend;

while (isspace(*ptr)) {
while (g_ascii_isspace(*ptr)) {
ptr++;
}

@@ -99,12 +99,12 @@ static int parse_acl_file(const char *filename, ACLList *acl_list)

*arg = 0;
arg++;
while (isspace(*arg)) {
while (g_ascii_isspace(*arg)) {
arg++;
}

argend = arg + strlen(arg);
while (arg != argend && isspace(*(argend - 1))) {
while (arg != argend && g_ascii_isspace(*(argend - 1))) {
argend--;
}
*argend = 0;

Loading…
Cancel
Save