[Spice-devel] [PATCH usbredir] usbredirserver: reject empty vendor id in cmd line
Chen Hanxiao
chen_han_xiao at 126.com
Tue Nov 28 11:16:16 UTC 2017
At 2017-11-28 19:11:23, "Frediano Ziglio" <fziglio at redhat.com> wrote:
>>
>> At 2017-11-28 18:49:54, "Frediano Ziglio" <fziglio at redhat.com> wrote:
>> >>
>> >> At 2017-11-28 18:27:54, "Frediano Ziglio" <fziglio at redhat.com> wrote:
>> >> >>
>> >> >> From: Chen Hanxiao <chenhanxiao at gmail.com>
>> >> >>
>> >> >> Vendor ID 0000 is not a valid ID [1]
>> >> >> But we could pass it from cmd:
>> >> >> usbredirserver :abcd
>> >> >> or
>> >> >> usbredirserver 0000:abcd
>> >> >>
>> >> >> Which will pass a 0000 vendor id to usbredirserver.
>> [snip]
>>
>> >> >
>> >> >Maybe you want something like
>> >> >
>> >> > if (*endptr != ':' || usbvendor <= 0 || usbvendor > 0xffff) {
>> >> >
>> >> >similar for usbproduct.
>> >>
>> >> We don't need to check for usbvendor <0, for we don't have long options
>> >> for
>> >> usbvendor:usbproduct.
>> >> So I don't know how to pass a negative value to it.
>> >>
>> >
>> >Well, try "81234567:-123" :-)
>>
>> As:
>> https://github.com/chenhanxiao/usbredir/blob/master/usbredirserver/usbredirserver.c#L246-L249
>>
>> It will fail at:
>> if (*endptr != '-') { //may get ':' here
>>
>>
>> Regards,
>> - Chen
>>
>
>Yes, you are right, everything containing "-" is parsed as BUS-ADDR however
>you can have strings like "81234567:123" that will still trigger an overflow
>and possibly weird things like "123--123" or " -123- 12345678901".
>Depends how strict you want to be and how nasty the user wants to be.
>
Thanks for your detailed explanation.
To be safe, let's check the range of vendorid and productid.
Regards,
- Chen
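
The range check agreed on above, as an added example that is not part of the original message or the usbredir source. It is a strict parser for the VENDOR:PRODUCT form only. The function names are hypothetical, and it assumes hexadecimal IDs and the same 0x0001..0xffff range for the product ID as for the vendor ID.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Parse one hex ID that must end at `terminator`.
 * Returns the value (0x0001..0xffff) or -1 if the field is rejected. */
static long parse_id(const char *s, char terminator, const char **end)
{
    char *e;
    long v;

    /* strtol() skips leading blanks and accepts a sign, so require a hex
     * digit first: this rejects "", " 12", "-123" and "+1". */
    if (!isxdigit((unsigned char)s[0]))
        return -1;
    errno = 0;
    v = strtol(s, &e, 16);
    /* ERANGE covers overflow of long; the range test covers values that
     * fit in long but would be truncated by a narrower cast. */
    if (errno == ERANGE || *e != terminator || v <= 0 || v > 0xffff)
        return -1;
    *end = e;
    return v;
}

/* Hypothetical helper: parse "VENDOR:PRODUCT"; 0 on success, -1 on reject. */
int parse_vendor_product(const char *arg, int *vendor, int *product)
{
    const char *rest;
    long v, p;

    if ((v = parse_id(arg, ':', &rest)) < 0)
        return -1;
    if ((p = parse_id(rest + 1, '\0', &rest)) < 0)
        return -1;
    *vendor = (int)v;
    *product = (int)p;
    return 0;
}

int main(void)
{
    /* Constructed inputs, taken from the strings discussed in the thread. */
    const char *args[] = { "abcd:1234", ":abcd", "0000:abcd", "81234567:-123",
                           "81234567:123", "123--123", " -123- 12345678901" };
    int v, p;
    for (size_t i = 0; i < sizeof(args) / sizeof(args[0]); i++)
        printf("%-22s -> %s\n", args[i],
               parse_vendor_product(args[i], &v, &p) == 0 ? "accepted" : "rejected");
    return 0;
}
```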