qemu/util
Markus Armbruster 44fdc76455 sockets: Fix socket_address_to_string() hostname truncation
We first snprintf() to a fixed buffer, then g_strdup() the result
*boggle*.

Worse, the size of the fixed buffer INET6_ADDRSTRLEN + 5 + 4 is bogus:
the 4 correctly accounts for '[', ']', ':' and '\0', but
INET6_ADDRSTRLEN is not a suitable limit for inet->host, and 5 is not
one for inet->port!  They are for host and port in *numeric* form
(exploiting that INET6_ADDRSTRLEN > INET_ADDRSTRLEN), but inet->host
can also be a hostname, and inet->port can be a service name, to be
resolved with getaddrinfo().

Fortunately, the only user so far is the "socket" network backend's
net_socket_connected(), which uses it to initialize a NetSocketState's
info_str[].  info_str[] has considerable more space: 256 instead of
55.  So the bug's impact appears to be limited to truncated "info
networks" with the "socket" network backend.

The fix is obvious: use g_strdup_printf().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1490268208-23368-1-git-send-email-armbru@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-28 18:50:38 +02:00
..
acl.c Drop Emacs local variables lists redundant with .dir-locals.el 2016-07-12 16:19:16 +02:00
aio-posix.c async: remove unnecessary inc/dec pairs 2017-02-21 11:39:40 +00:00
aio-win32.c async: remove unnecessary inc/dec pairs 2017-02-21 11:39:40 +00:00
aiocb.c block: move AioContext, QEMUTimer, main-loop to libqemuutil 2017-02-21 11:14:07 +00:00
async.c cpus: define QEMUTimerListNotifyCB for QEMU system emulation 2017-03-14 13:28:29 +01:00
base64.c include/qemu/osdep.h: Don't include qapi/error.h 2016-03-22 22:20:15 +01:00
bitmap.c bitmap: assert that start and nr are non negative 2017-01-20 13:22:17 +01:00
bitops.c util: Clean up includes 2016-02-04 17:01:04 +00:00
buffer.c qemu-common: stop including qemu/host-utils.h from qemu-common.h 2016-05-19 16:42:28 +02:00
bufferiszero.c cutils: Rewrite x86 buffer zero checking 2016-09-14 12:25:14 +02:00
compatfd.c cpus: remove ugly cast on sigbus_handler 2017-03-03 16:40:02 +01:00
coroutine-gthread.c all: Remove unnecessary glib.h includes 2016-06-07 18:19:24 +03:00
coroutine-sigaltstack.c coroutine-sigaltstack: use helper for allocating stack memory 2016-09-29 14:13:39 +02:00
coroutine-ucontext.c coroutine-ucontext: use helper for allocating stack memory 2016-09-29 14:13:39 +02:00
coroutine-win32.c coroutine: add a macro for the coroutine stack size 2016-09-29 14:13:39 +02:00
crc32c.c util: Clean up includes 2016-02-04 17:01:04 +00:00
cutils.c util/cutils: Change qemu_strtosz*() from int64_t to uint64_t 2017-02-23 20:35:36 +01:00
envlist.c util: Clean up includes 2016-02-04 17:01:04 +00:00
error.c migration: add reporting of errors for outgoing migration 2016-05-26 11:31:30 +05:30
event_notifier-posix.c event_notifier: cleanups around event_notifier_set_handler 2017-01-16 17:52:35 +01:00
event_notifier-win32.c event_notifier: cleanups around event_notifier_set_handler 2017-01-16 17:52:35 +01:00
fifo8.c migration: consolidate VMStateField.start 2017-02-13 17:27:13 +00:00
getauxval.c util: Clean up includes 2016-02-04 17:01:04 +00:00
hbitmap.c hbitmap: Add hbitmap_is_serializable() 2017-01-26 10:25:01 +08:00
hexdump.c util: Improved qemu_hexmap() to include an ascii dump of the buffer 2016-04-06 09:52:07 +08:00
host-utils.c host-utils: Implement unsigned quadword left/right shift and unit tests 2017-01-31 10:10:14 +11:00
id.c util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
iohandler.c block: move AioContext, QEMUTimer, main-loop to libqemuutil 2017-02-21 11:14:07 +00:00
iov.c util: Fix assertion in iov_copy() upon zero 'bytes' and non-zero 'offset' 2016-08-03 18:44:57 +02:00
keyval.c keyval: Document issues with 'any' and alternate types 2017-03-21 10:42:09 +01:00
lockcnt.c qemu-thread: optimize QemuLockCnt with futexes on Linux 2017-01-16 13:25:18 +00:00
log.c util/cutils: Rename qemu_strtoll(), qemu_strtoull() 2017-02-23 20:35:35 +01:00
main-loop.c cpus: define QEMUTimerListNotifyCB for QEMU system emulation 2017-03-14 13:28:29 +01:00
Makefile.objs qemu-ga: obey LISTEN_PID when using systemd socket activation 2017-03-19 11:12:12 +01:00
memfd.c os-posix: include sys/mman.h 2016-06-16 18:39:03 +02:00
mmap-alloc.c exec, kvm, target-ppc: Move getrampagesize() to common code 2017-03-03 11:30:59 +11:00
module.c module: Don't load the same module if requested multiple times 2016-10-07 14:14:06 +02:00
notify.c util: Clean up includes 2016-02-04 17:01:04 +00:00
osdep.c osdep: Introduce qemu_dup 2016-07-13 13:26:02 +02:00
oslib-posix.c mem-prealloc: fix sysconf(_SC_NPROCESSORS_ONLN) failure case. 2017-03-24 11:50:11 +01:00
oslib-win32.c mem-prealloc: reduce large guest start-up and migration time. 2017-03-14 13:26:36 +01:00
path.c util: Removed unneeded header from path.c 2017-03-14 13:26:37 +01:00
qdist.c qdist: return "(empty)" instead of NULL when printing an empty dist 2016-08-03 18:44:56 +02:00
qemu-config.c block: Add bdrv_runtime_opts to query-command-line-options 2016-10-07 13:34:07 +02:00
qemu-coroutine-io.c coroutine: move entry argument to qemu_coroutine_create 2016-07-13 13:26:02 +02:00
qemu-coroutine-lock.c coroutine-lock: make CoRwlock thread-safe and fair 2017-02-21 11:39:40 +00:00
qemu-coroutine-sleep.c block: explicitly acquire aiocontext in timers that need it 2017-02-21 11:14:08 +00:00
qemu-coroutine.c coroutine-lock: add limited spinning to CoMutex 2017-02-21 11:39:40 +00:00
qemu-error.c qemu-error: remove dependency of stubs on monitor 2016-11-01 16:06:57 +01:00
qemu-openpty.c util: Clean up includes 2016-02-04 17:01:04 +00:00
qemu-option.c option: Tweak invalid size error message and unbreak iotest 049 2017-02-28 20:40:31 +01:00
qemu-progress.c util: Clean up includes 2016-02-04 17:01:04 +00:00
qemu-sockets.c sockets: Fix socket_address_to_string() hostname truncation 2017-03-28 18:50:38 +02:00
qemu-thread-posix.c * QOM interface fix (Eduardo) 2017-01-20 16:42:07 +00:00
qemu-thread-win32.c win32: replace custom mutex and condition variable with native primitives 2017-03-27 14:41:01 +02:00
qemu-timer-common.c util: Clean up includes 2016-02-04 17:01:04 +00:00
qemu-timer.c icount: process QEMU_CLOCK_VIRTUAL timers in vCPU thread 2017-03-14 13:51:34 +01:00
qht.c qht: fix unlock-after-free segfault upon resizing 2016-10-06 18:04:13 +02:00
range.c range: Replace internal representation of Range 2016-07-04 16:49:33 +03:00
rcu.c rcu: simplify memory barriers 2016-10-24 11:30:56 +02:00
readline.c util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
systemd.c qemu-ga: obey LISTEN_PID when using systemd socket activation 2017-03-19 11:12:12 +01:00
thread-pool.c thread-pool: add missing qemu_bh_cancel in completion function 2017-03-17 12:54:21 +01:00
throttle.c throttle: Don't allow burst limits to be lower than the normal limits 2016-08-05 09:59:06 +01:00
timed-average.c Fix some typos found by codespell 2016-05-18 15:04:27 +03:00
trace-events coroutine-lock: make CoMutex thread-safe 2017-02-21 11:39:40 +00:00
unicode.c util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
uri.c Fix documentation and some comments (article, grammar) 2017-01-24 23:26:52 +03:00
uuid.c uuid: Tighten uuid parse 2016-09-23 11:42:52 +08:00