From nobody Thu Apr 2 17:01:53 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org ARC-Seal: i=1; a=rsa-sha256; t=1774605415; cv=none; d=zohomail.com; s=zohoarc; b=IHV+nRo/YgJk1kS/1DQNw+Rv1R3Q3h+y8vbcGImAifU80IVL2hWazVkZegRDIweXTPoqpfNeJh5hcTpYxjg5BPzxQuIWJvyHia7DNV3xTYJ+Cw6xe1/FQNmU8OksQfv+wWxJz15qMp8CWFil/z+CQGfQtuXS7Ps9LOtGQ6Dtvzg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1774605415; h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc; bh=I7UpWzANGlYuLOtg/GFOx+3evGd8BdCanQVUlp53VTs=; b=GXdlR2YA2q4TpYUpLEz+c0voPA+nXJr4wKO7Yy0TsoUtJMsweeQA4hIoYdkLoFibeRjYFSPg6XOUSPHAt9jwJaypqCUQFPrth3zHqRMO2wl/op1D/Wt23seFU92+q7m8o5Wnrx3gYKLiYy6D868dmH5d6La7pkiy64xl3lMymCs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1774605415383431.85076336106886; Fri, 27 Mar 2026 02:56:55 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 993) id 7A7BA3F88F; Fri, 27 Mar 2026 05:56:54 -0400 (EDT) Received: from [172.19.199.12] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 9A18F41812; Fri, 27 Mar 2026 05:54:58 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 993) id D7F1E3F30F; Fri, 27 Mar 2026 05:54:52 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 965333F276 for ; Fri, 27 Mar 2026 05:54:52 -0400 (EDT) Received: from mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-477-y4_COaOHNJK4Z4tnT-ym1g-1; Fri, 27 Mar 2026 05:54:50 -0400 Received: from mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 95ED119560BB for ; Fri, 27 Mar 2026 09:54:49 +0000 (UTC) Received: from speedmetal.openshiftapps.com (unknown [10.45.242.5]) by mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id DD65930001A1 for ; Fri, 27 Mar 2026 09:54:48 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,HELO_MISC_IP,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774605292; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=I7UpWzANGlYuLOtg/GFOx+3evGd8BdCanQVUlp53VTs=; b=a9eYfT1l+luERoxo60rN7Wvn46NS2rRZRqBR6T2roVoRF9n5FyjiK9ryc6VjFi0pRtqqdq 9wjulul+2ReYmTaW84Sni2MRrS5W8lR09yhVlsHx3J9awplE/aGuTMXu7tky4AKqp731Oe d57hCAnvqTsctQJOnF9n4O+AvHWT3E8= X-MC-Unique: y4_COaOHNJK4Z4tnT-ym1g-1 X-Mimecast-MFC-AGG-ID: y4_COaOHNJK4Z4tnT-ym1g_1774605289 To: devel@lists.libvirt.org Subject: [PATCH 1/6] virPCIDeviceReadClass: Don't write beyond end of buffer from virFileReadAll Date: Fri, 27 Mar 2026 10:54:37 +0100 Message-ID: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: OOk-iRjAZZt3RhZ6BoMV0U1JmFITpkifBhXZYq_zKFU_1774605289 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: SONJNX7LVIE345MPCHQPTDZYYSDNFVDB X-Message-ID-Hash: SONJNX7LVIE345MPCHQPTDZYYSDNFVDB X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Peter Krempa via Devel Reply-To: Peter Krempa X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1774605417119158500 Content-Type: text/plain; charset="utf-8" From: Peter Krempa The returned class string from the kernel isn't guaranteed to be always 9 bytes, thus the write to the buffer could happen beyond the guaranteed length. Since 'virFileReadAll' already NUL-terminates the buffer just delete the redundant overwrite. This fixes an invalid write beyond the end of the buffer happening since 458c6a281001d51fd9796 where the returned buffer is shortened. Signed-off-by: Peter Krempa Reviewed-by: Pavel Hrdina --- src/util/virpci.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/util/virpci.c b/src/util/virpci.c index ca6f2e8210..2e32ed17ff 100644 --- a/src/util/virpci.c +++ b/src/util/virpci.c @@ -487,7 +487,6 @@ virPCIDeviceReadClass(virPCIDevice *dev, uint16_t *devi= ce_class) if (virFileReadAll(path, 9, &id_str) < 0) return -1; - id_str[8] =3D '\0'; if (virStrToLong_ui(id_str, NULL, 16, &value) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("Unusual value in %1$s/devices/%2$s/class: %3$s"), --=20 2.53.0 From nobody Thu Apr 2 17:01:53 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org ARC-Seal: i=1; a=rsa-sha256; t=1774605498; cv=none; d=zohomail.com; s=zohoarc; b=YAUirRA73lLuxF+X0y4H9i54jxYhTWJydzRmwKqslp3h0b9SbQ3aFnS0x6qFETYKC+B6AG5qvrBYTSIJc8QN8yYB0g+8m5h4CJUAgW8NVwUAtoMo4XWPm/FA5atZOKe/ylEwGhYAa6Z6nKxlnVWQDhT2rFypecgQ36Q8eyBgE78= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1774605498; h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc; bh=t+xNlClUOR4tF/hHIMuO1paiclewzcZTek+dFKIAWOs=; b=RD3rDYQKsf8j6xJHLiFnkGI9MBy99B5R2NNwnA5RefEhZvPmmDzmUv/t5up1+OkBObPBRgMrx2jS0DUelc7mv9yFtrFcramvOmSqehuZm2aRZn1QHDxm3i3nGJ038RU+padV6RDiii/eFinVqYVJ1goMRnAEve8DInNkGPnE2vE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1774605498720132.30180693525642; Fri, 27 Mar 2026 02:58:18 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 993) id 24CDE3F35B; Fri, 27 Mar 2026 05:58:18 -0400 (EDT) Received: from [172.19.199.12] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id BF04341A7F; Fri, 27 Mar 2026 05:55:15 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 993) id 6782D3F363; Fri, 27 Mar 2026 05:55:12 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 0E8F83F8A5 for ; Fri, 27 Mar 2026 05:54:55 -0400 (EDT) Received: from mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-274-BfZLADJ5M4eVbEuurWuPdQ-1; Fri, 27 Mar 2026 05:54:52 -0400 Received: from mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 0942C18002C7 for ; Fri, 27 Mar 2026 09:54:52 +0000 (UTC) Received: from speedmetal.openshiftapps.com (unknown [10.45.242.5]) by mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 4FBAB30001A1 for ; Fri, 27 Mar 2026 09:54:51 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,HELO_MISC_IP,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774605294; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=t+xNlClUOR4tF/hHIMuO1paiclewzcZTek+dFKIAWOs=; b=cwg266ZJITxsWwRCloIwwuJJgT/Dnj8j8WDbEUkZJ35pAFIfa1APUPEdgJg3fWleXD1vna TPdxzHkE2u4lJs/SZXDoklfIn95kw9outn/HRGT6q5bl5MOyAlzj2XsQhYfFpl83QG4Fxq ueGz9hRgu4Tnb6wmnJSgEHAMu2/pH6k= X-MC-Unique: BfZLADJ5M4eVbEuurWuPdQ-1 X-Mimecast-MFC-AGG-ID: BfZLADJ5M4eVbEuurWuPdQ_1774605292 To: devel@lists.libvirt.org Subject: [PATCH 2/6] virSecretLoadValue: Don't re-termiante the buffer Date: Fri, 27 Mar 2026 10:54:39 +0100 Message-ID: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: JTAHQN0tz64UJImDn6d3Sz1Qbwtz0rGsbrS7FS7ljmM_1774605292 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: ADUZC7ORSII4J7GKXKYGNJTSTXZYHWSY X-Message-ID-Hash: ADUZC7ORSII4J7GKXKYGNJTSTXZYHWSY X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Peter Krempa via Devel Reply-To: Peter Krempa X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1774605499940154100 Content-Type: text/plain; charset="utf-8" From: Peter Krempa The buffer returned from 'virFileReadAll' is NUL terminated no need to do it explicitly or to shorten it since this is now also done. Signed-off-by: Peter Krempa Reviewed-by: Pavel Hrdina --- src/conf/virsecretobj.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/conf/virsecretobj.c b/src/conf/virsecretobj.c index b448be493a..82a61a747a 100644 --- a/src/conf/virsecretobj.c +++ b/src/conf/virsecretobj.c @@ -908,9 +908,6 @@ virSecretLoadValue(virSecretObj *obj, if ((filelen =3D virFileReadAll(filename, secretFileMaxLen, &filec= ontent)) < 0) return -1; - filecontent =3D g_realloc(filecontent, filelen + 1); - filecontent[filelen] =3D '\0'; - decoded =3D g_base64_decode(filecontent, &decodedlen); virSecureErase(filecontent, filelen); --=20 2.53.0 From nobody Thu Apr 2 17:01:53 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org ARC-Seal: i=1; a=rsa-sha256; t=1774605559; cv=none; d=zohomail.com; s=zohoarc; b=emxSl8Up1ijTjWqhfxpppb6NdCAGUbw4WxjhV6XpVgiFwB34h6EdfzomGPYBe8ZMlWVilVe0FL/2yEaZx0UkcNjETORb0J3dqLTGyX8fc+kf31NVdX9BjnX+gIdk91HGjDSNvNJL5vwVA3k3ji5GIdqvMFGiXstCGGM8HwmvwIo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1774605559; h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc; bh=e1ZcnmSyKmhBYKyMea+E/+mdJS7qpk2+a5ckCdaVgP4=; b=Zjfl5xCRLuPgs/Al3kosPCbaeGI14kU4kK7pAMSW97JjfXOggCpr/sh7c2CfJX2xDvs+SH3ALD2bLUoAUsUlvUspulaysW02mlWJTBVRynoK+lGUjrBzOa3FM11T/A3iZMWebmp7M5E3BDFhS4qGcHjJhlI3E0eQVGjHkbiZL8Q= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1774605559851588.4865256819202; Fri, 27 Mar 2026 02:59:19 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 993) id 639823F885; Fri, 27 Mar 2026 05:59:19 -0400 (EDT) Received: from [172.19.199.12] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 356823F364; Fri, 27 Mar 2026 05:55:57 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 993) id BCE4C3F8B0; Fri, 27 Mar 2026 05:55:52 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 0B3654186F for ; Fri, 27 Mar 2026 05:54:57 -0400 (EDT) Received: from mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-217-8VD05n3eOcyz-M24Fb8C6w-1; Fri, 27 Mar 2026 05:54:55 -0400 Received: from mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 81552195608D for ; Fri, 27 Mar 2026 09:54:54 +0000 (UTC) Received: from speedmetal.openshiftapps.com (unknown [10.45.242.5]) by mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id C80C130001A1 for ; Fri, 27 Mar 2026 09:54:53 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,HELO_MISC_IP,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774605296; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=e1ZcnmSyKmhBYKyMea+E/+mdJS7qpk2+a5ckCdaVgP4=; b=IC4hdVx9P7yWfwgmPFDo7jTTeF3+fE2JMy0/AHuH+vQnl+CUdm0r+TgG79OqT7xRAUigQZ H8cKvKHr8+585WdcgXP5zI7v1uUeL5VPeD7B5j6xi/wssve2aUZMYVrI9gxCFuLQFWjLX5 lBdeICXMM9vSRlhghBHv7nlBBA2Rv0U= X-MC-Unique: 8VD05n3eOcyz-M24Fb8C6w-1 X-Mimecast-MFC-AGG-ID: 8VD05n3eOcyz-M24Fb8C6w_1774605294 To: devel@lists.libvirt.org Subject: [PATCH 3/6] virNetDevIPCheckIPv6Forwarding: Don't NUL terminate buffer from virFileReadAll Date: Fri, 27 Mar 2026 10:54:41 +0100 Message-ID: <420bb7b80e6f3b6b09e83004439e3c91134cb1c8.1774605192.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: u3LdWzQibHpSRiPqPpfQBano0iIuqK2mpH7Zj7mcDWk_1774605294 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: KSTTLZS5BE4ARUUYRSTWMYR6RC4JCB5T X-Message-ID-Hash: KSTTLZS5BE4ARUUYRSTWMYR6RC4JCB5T X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Peter Krempa via Devel Reply-To: Peter Krempa X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1774605560741154100 Content-Type: text/plain; charset="utf-8" From: Peter Krempa The buffer is already terminated. Luckily the last character in the buffer was a newline so no information was mangled. Signed-off-by: Peter Krempa Reviewed-by: Pavel Hrdina --- src/util/virnetdevip.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/util/virnetdevip.c b/src/util/virnetdevip.c index 8786bb236e..c82125b706 100644 --- a/src/util/virnetdevip.c +++ b/src/util/virnetdevip.c @@ -547,10 +547,6 @@ virNetDevIPCheckIPv6Forwarding(void) return false; } - /* Dropping the last character to stop the loop */ - if (len > 0) - buf[len-1] =3D '\0'; - cur =3D buf; while (cur) { char route[33], flags[9], iface[9]; --=20 2.53.0 From nobody Thu Apr 2 17:01:53 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org ARC-Seal: i=1; a=rsa-sha256; t=1774605593; cv=none; d=zohomail.com; s=zohoarc; b=HE6stWLzqU/xf64H7T5e2DROKRDTvAe+aImXbglhZNPmmev92OTjwPyUHfYBJ6Hh05uOkIi3pkn7TEIsa7uKYSeYUf70DPeE+dYtlco80lZj5wghNV5yx3LL2hHgndVkVnqY9hbiPmmzzUvfYkXckC5PzQK0g0JRrG2Dm5ZMnsI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1774605593; h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc; bh=F54HACsuipVhHgHZyg1laHyVw1aT9Gt/KRGaAU1sNGM=; b=CNBJQHSHrhXxNqU7BMH9ob4nvHyV3k5p237/+Kx/wLuKD0DYn55RJ8nwMTMFmShodTNnKGVaHj4Kji8MyCqheGRJqjJlLKDSLshWCOwFi39HsXhMmT1tHzpVZEFnDfENzqkBAegKr3fArXe8gJPd8sc91trF+8zvo552njnThaI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 177460559328235.99017212818126; Fri, 27 Mar 2026 02:59:53 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 993) id 7FA183F84A; Fri, 27 Mar 2026 05:59:52 -0400 (EDT) Received: from [172.19.199.12] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id B715441907; Fri, 27 Mar 2026 05:56:58 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 993) id A41D13F89F; Fri, 27 Mar 2026 05:56:54 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id A0C614193B for ; Fri, 27 Mar 2026 05:54:58 -0400 (EDT) Received: from mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-3-cT4B1W6vPUOQAJHzbQOFPw-1; Fri, 27 Mar 2026 05:54:56 -0400 Received: from mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id C9B7118002E3 for ; Fri, 27 Mar 2026 09:54:55 +0000 (UTC) Received: from speedmetal.openshiftapps.com (unknown [10.45.242.5]) by mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 0681B30001A1 for ; Fri, 27 Mar 2026 09:54:54 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,HELO_MISC_IP,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774605298; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=F54HACsuipVhHgHZyg1laHyVw1aT9Gt/KRGaAU1sNGM=; b=WfGXblWzAuF9uIv2y3wnXkCmkgR6EV5lXLCfb5uW0FEalgPLDdffGRCbHp43XhB92pewLW ykO9X25LfJw0fwn1pZjylcC7/reTbEaoIitbKAwURXauYxxIZ7TtdecUCn818IhMm0r0LO iXSBgbt1s67zIY/CySyxqTneI/Z/bLg= X-MC-Unique: cT4B1W6vPUOQAJHzbQOFPw-1 X-Mimecast-MFC-AGG-ID: cT4B1W6vPUOQAJHzbQOFPw_1774605295 To: devel@lists.libvirt.org Subject: [PATCH 4/6] virPCIDeviceReadID: Fix use of 'virFileReadAll' Date: Fri, 27 Mar 2026 10:54:42 +0100 Message-ID: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: lqsNpAI5X7sVfCwW2feyopsILVfJMqA3ljvu1DSyAGA_1774605295 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: PBBMDL5KCLNQIWQDI4HVOFIZ7FCO5F7T X-Message-ID-Hash: PBBMDL5KCLNQIWQDI4HVOFIZ7FCO5F7T X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Peter Krempa via Devel Reply-To: Peter Krempa X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1774605594033158500 Content-Type: text/plain; charset="utf-8" From: Peter Krempa Use 'virFileReadAllQuiet' since the function doesn't want to report errors on other code paths. The function also assumed that the file which it reads always 7 bytes isn't true at least in the test suite. This didn't cause a problem because the test data had strings 6 bytes long so it didn't cause a write beyond the end of the buffer. Clear the newline by using strchrnul instead to find it rather than assuming where it is. Signed-off-by: Peter Krempa Reviewed-by: Pavel Hrdina --- src/util/virpci.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/util/virpci.c b/src/util/virpci.c index 2e32ed17ff..48cdffe3d4 100644 --- a/src/util/virpci.c +++ b/src/util/virpci.c @@ -1760,19 +1760,20 @@ virPCIDeviceReadID(virPCIDevice *dev, const char *i= d_name) { g_autofree char *path =3D NULL; g_autofree char *id_str =3D NULL; + int len; path =3D virPCIFile(dev->name, id_name); /* ID string is '0xNNNN\n' ... i.e. 7 bytes */ - if (virFileReadAll(path, 7, &id_str) < 0) + if ((len =3D virFileReadAllQuiet(path, 7, &id_str)) < 0) return NULL; - /* Check for 0x suffix */ + /* Check for 0x prefix */ if (id_str[0] !=3D '0' || id_str[1] !=3D 'x') return NULL; - /* Chop off the newline; we know the string is 7 bytes */ - id_str[6] =3D '\0'; + /* Chop off the newline */ + *(strchrnul(id_str, '\n')) =3D '\0'; return g_steal_pointer(&id_str); } --=20 2.53.0 From nobody Thu Apr 2 17:01:53 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org ARC-Seal: i=1; a=rsa-sha256; t=1774605688; cv=none; d=zohomail.com; s=zohoarc; b=IJYnoZsbNE6wqQUfUYR9Jt5Hs0JHzh4+GHLszsR6Ku2WPmyVcOoJk1Z2FS0ct6J7ahI47b/An/Y/OLDYeS6nHZNwSTyQWEQqrns1u6RXi0sehc1iDYiI4QIVq3twz9H+A4Evi8Hq4LTHuNObgWuxeX99fUgzpnnmlbRRlXjVJvI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1774605688; h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc; bh=lR7UVWoVUGt/24AccI7U0A53fYQvECvYEYk/Z8W6kv4=; b=hC42ioM3JX2cCK8YGChJTtr/O55nHLnkNs072tcd44eJLs8CF34HOnXNhml1o9d/VwXC6oQB8ohitk6No7cSk6/wmtAERTLCNkrpZJsggRzPVnej+kHedX47d1XeziFQxszXVGZqMS7ykCFaDbdsYDFD9qnlPXadpEU8PM3Yncw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1774605688215208.62016024685363; Fri, 27 Mar 2026 03:01:28 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 993) id 4367141832; Fri, 27 Mar 2026 06:01:27 -0400 (EDT) Received: from [172.19.199.12] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 5F90C41B03; Fri, 27 Mar 2026 05:57:46 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 993) id 9BE3A3F86B; Fri, 27 Mar 2026 05:57:40 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 43D4E3F802 for ; Fri, 27 Mar 2026 05:55:00 -0400 (EDT) Received: from mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-580-Ml81_2o0OaGtD8D94RpbPg-1; Fri, 27 Mar 2026 05:54:57 -0400 Received: from mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id E1C6219560A6 for ; Fri, 27 Mar 2026 09:54:56 +0000 (UTC) Received: from speedmetal.openshiftapps.com (unknown [10.45.242.5]) by mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 38F2230001A1 for ; Fri, 27 Mar 2026 09:54:56 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,HELO_MISC_IP,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774605299; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=lR7UVWoVUGt/24AccI7U0A53fYQvECvYEYk/Z8W6kv4=; b=LZA98LVpc/f3tm2z6kzatN9FaMkBuih+P57TOBu55KpSHCJh/V7hVNKVyApS2RDI7fF8+1 btZqM1Qj2eBcEpVUtPHly0oklBj+EnHaZr4hZtigOhLx0JWL6joUorTa8IlxLx20dUc9wV 5tNZR0qcyl7T5NJAJtTI3zGFPUMvsM0= X-MC-Unique: Ml81_2o0OaGtD8D94RpbPg-1 X-Mimecast-MFC-AGG-ID: Ml81_2o0OaGtD8D94RpbPg_1774605297 To: devel@lists.libvirt.org Subject: [PATCH 5/6] util: virfile: Document the various functions for reading from file/fd Date: Fri, 27 Mar 2026 10:54:43 +0100 Message-ID: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: xyR4f_td0Oug4MY8I4Uspe8Q9HNQqFIxTQrT5e1u9U8_1774605297 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: B6VGAYHO3DPWER24CT5MREPFU4GY6V42 X-Message-ID-Hash: B6VGAYHO3DPWER24CT5MREPFU4GY6V42 X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Peter Krempa via Devel Reply-To: Peter Krempa X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1774605689067158500 Content-Type: text/plain; charset="utf-8" From: Peter Krempa Document both the behaviour if requested length isn't enough to read the file as well as the semantics of NUL-termination of the buffer. Signed-off-by: Peter Krempa Reviewed-by: Pavel Hrdina --- src/util/virfile.c | 140 ++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 126 insertions(+), 14 deletions(-) diff --git a/src/util/virfile.c b/src/util/virfile.c index fbcaf15429..bc3faedd4e 100644 --- a/src/util/virfile.c +++ b/src/util/virfile.c @@ -1534,10 +1534,27 @@ saferead_lim(int fd, size_t max_len, size_t *length) } -/* A wrapper around saferead_lim that merely stops reading at the - * specified maximum size. */ +/** + * virFileReadHeaderQuiet: + * @fd: file descriptor to read + * @maxlen: maximum amount of bytes to read + * @buf: filled with allocated buffer containing read data + * + * Reads up to @maxlen bytes from @fd and fills @buf with pointer to the + * read contents. + * + * The buffer @buf is guaranteed to be terminated with a NUL ('\0') byte o= ne + * byte beyond the read contents of the file. The NUL byte is not included= in + * the returned amount of bytes read. Caller is responsible for freeing the + * buffer. + * + * Returns number of bytes actually read from the fd on success, -1 on err= or + * and doesn't raise a libvirt error. + */ int -virFileReadHeaderFD(int fd, int maxlen, char **buf) +virFileReadHeaderFD(int fd, + int maxlen, + char **buf) { size_t len; char *s; @@ -1554,6 +1571,26 @@ virFileReadHeaderFD(int fd, int maxlen, char **buf) } +/** + * virFileReadHeaderQuiet: + * @path: file to read + * @maxlen: maximum length of file to read + * @buf: filled with allocated buffer containing read data + * + * Reads up to @maxlen bytes from file @path and fills @buf with pointer t= o the + * read contents. + * + * If file @path is longer than @maxlen the buffer contains only first @ma= xlen + * bytes read from the file. + * + * The buffer @buf is guaranteed to be terminated with a NUL ('\0') byte o= ne + * byte beyond the read contents of the file. The NUL byte is not included= in + * the returned amount of bytes read. Caller is responsible for freeing the + * buffer. + * + * Returns number of bytes actually read from file on success, -1 on error + * and doesn't raise a libvirt error. + */ int virFileReadHeaderQuiet(const char *path, int maxlen, @@ -1573,10 +1610,29 @@ virFileReadHeaderQuiet(const char *path, } -/* A wrapper around saferead_lim that maps a failure due to - exceeding the maximum size limitation to EOVERFLOW. */ +/** + * virFileReadLimFD: + * @fd: file descriptor to read + * @maxlen: maximum amount of bytes to read + * @buf: filled with allocated buffer containing read data + * + * Reads the whole contents from @fd and fills @buf with pointer to the re= ad + * contents. + * + * If @fd allowed reading more than @maxlen bytes an error is returned. + * + * The buffer @buf is guaranteed to be terminated with a NUL ('\0') byte o= ne + * byte beyond the read contents of the file. The NUL byte is not included= in + * the returned amount of bytes read. Caller is responsible for freeing the + * buffer. + * + * Returns number of bytes actually read from @fd on success, -1 on error = and + * doesn't raise a libvirt error. + */ int -virFileReadLimFD(int fd, int maxlen, char **buf) +virFileReadLimFD(int fd, + int maxlen, + char **buf) { size_t len; char *s; @@ -1599,8 +1655,29 @@ virFileReadLimFD(int fd, int maxlen, char **buf) return len; } + +/** + * virFileReadAll: + * @path: file to read + * @maxlen: maximum length of file to read + * @buf: filled with allocated buffer containing read data + * + * Reads the whole file @path and fills @buf with pointer to the read cont= ents. + * + * If file @path is longer than @maxlen error is returned. + * + * The buffer @buf is guaranteed to be terminated with a NUL ('\0') byte o= ne + * byte beyond the read contents of the file. The NUL byte is not included= in + * the returned amount of bytes read. Caller is responsible for freeing the + * buffer. + * + * Returns number of bytes actually read from file on success, -1 on error= and + * raises a libvirt error. + */ int -virFileReadAll(const char *path, int maxlen, char **buf) +virFileReadAll(const char *path, + int maxlen, + char **buf) { int fd; int len; @@ -1621,8 +1698,29 @@ virFileReadAll(const char *path, int maxlen, char **= buf) return len; } + +/** + * virFileReadAllQuiet: + * @path: file to read + * @maxlen: maximum length of file to read + * @buf: filled with allocated buffer containing read data + * + * Reads the whole file @path and fills @buf with pointer to the read cont= ents. + * + * If file @path is longer than @maxlen error is returned. + * + * The buffer @buf is guaranteed to be terminated with a NUL ('\0') byte o= ne + * byte beyond the read contents of the file. The NUL byte is not included= in + * the returned amount of bytes read. Caller is responsible for freeing the + * buffer. + * + * Returns number of bytes actually read from file on success, -errno on e= rror + * and doesn't raise a libvirt error. + */ int -virFileReadAllQuiet(const char *path, int maxlen, char **buf) +virFileReadAllQuiet(const char *path, + int maxlen, + char **buf) { int fd; int len; @@ -1639,13 +1737,26 @@ virFileReadAllQuiet(const char *path, int maxlen, c= har **buf) return len; } -/* Read @file into preallocated buffer @buf of size @len. - * Return value is -errno in case of errors and size - * of data read (no trailing zero) in case of success. - * If there is more data then @len - 1 then data will be - * truncated. */ + +/** + * virFileReadBufQuiet: + * @file: file to read + * @buf: buffer to read files into + * @len: size of @buf + * + * Reads up to @len - 1 bytes of @file into @buf. + * + * The buffer @buf is guaranteed to be terminated with a NUL ('\0') byte o= ne + * byte beyond the read contents of the file. The NUL byte is not included= in + * the returned amount of bytes read. + * + * Returns number of bytes actually read from file on success, -errno on e= rror + * and doesn't raise a libvirt error. + */ int -virFileReadBufQuiet(const char *file, char *buf, int len) +virFileReadBufQuiet(const char *file, + char *buf, + int len) { int fd; ssize_t sz; @@ -1663,6 +1774,7 @@ virFileReadBufQuiet(const char *file, char *buf, int = len) return sz; } + /* Truncate @path and write @str to it. If @mode is 0, ensure that @path exists; otherwise, use @mode if @path must be created. Return 0 for success, nonzero for failure. --=20 2.53.0 From nobody Thu Apr 2 17:01:53 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org ARC-Seal: i=1; a=rsa-sha256; t=1774605637; cv=none; d=zohomail.com; s=zohoarc; b=ABFuxHM+a0gzbgaId9f3X5aGFRUGOlb/IfeKOB2AShQNq0NOYYtrKHKrhhO9v6qRScfiNrTL7/aEStepmJcCX9tyZFnd7VZdda3HT6tmfPilXxZH8z3RrzpPcumRS5oytDkzy2Qld/3Guu/YWpf7uH4keYo7LYmHOq9X9x0HLV0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1774605637; h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc; bh=ompHEWFq2dT7sYKfLYr3ymzuTVnmvEWzEqZtYujKyA4=; b=QkDXmlflVJXNPhbJ8TgsO3pqvnAuaSTO9sCmDhP93JcYpmyDUkkCZzFdMeg70fGk6qZp1bNWU6MG1qLH2dTXUPa6sm0GY6tzKuuPx4z3ixkoSQXV8A+Egg66oq1YMSIdDpKHiThd26KKx9nyismSe25KD42gOqdD8qhWf1hrojI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1774605637538684.9307043436249; Fri, 27 Mar 2026 03:00:37 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 993) id 087763F8AB; Fri, 27 Mar 2026 06:00:37 -0400 (EDT) Received: from [172.19.199.12] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 619AF4198C; Fri, 27 Mar 2026 05:57:45 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 993) id 0ECCD3F88D; Fri, 27 Mar 2026 05:57:40 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 805DA3F340 for ; Fri, 27 Mar 2026 05:55:01 -0400 (EDT) Received: from mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-410-AKP-d52FObupkYPgsTg_Bw-1; Fri, 27 Mar 2026 05:54:59 -0400 Received: from mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 7842B1800283 for ; Fri, 27 Mar 2026 09:54:58 +0000 (UTC) Received: from speedmetal.openshiftapps.com (unknown [10.45.242.5]) by mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id BFB713000223 for ; Fri, 27 Mar 2026 09:54:57 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,HELO_MISC_IP,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774605301; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ompHEWFq2dT7sYKfLYr3ymzuTVnmvEWzEqZtYujKyA4=; b=jRKNsuo1rS0CFeeLd0UNxzK+SPLT6Pi8Ed7HlTzclxRSAahuxi55/0EGIkmxGuzzlKars9 R8KAy6BHLO3PU/dY4W75vP+k33AXI4h8wwrKdOKpySF9sWHcZeu5/xpPiWy5cNATFejeQ5 AUJqRgc/xxRE0OL3GpZzikXlbOR2P8w= X-MC-Unique: AKP-d52FObupkYPgsTg_Bw-1 X-Mimecast-MFC-AGG-ID: AKP-d52FObupkYPgsTg_Bw_1774605298 To: devel@lists.libvirt.org Subject: [PATCH 6/6] util: virfile: Don't over-allocate buffers in saferead_lim Date: Fri, 27 Mar 2026 10:54:44 +0100 Message-ID: <91a609cc61517e4e8ded48de6de8faf2ca235416.1774605192.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: hRy6YZt1wP9BHNASxjCrsUuJT5VGbJfEDju4tug5yKY_1774605298 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: EOKF2FQBXF7WUOYIUXIYMT7HV3SUPUQ4 X-Message-ID-Hash: EOKF2FQBXF7WUOYIUXIYMT7HV3SUPUQ4 X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Peter Krempa via Devel Reply-To: Peter Krempa X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1774605640040154100 Content-Type: text/plain; charset="utf-8" From: Peter Krempa Limit the size of the4 allocated buffer to max_len + 1. Signed-off-by: Peter Krempa Reviewed-by: Pavel Hrdina --- src/util/virfile.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/util/virfile.c b/src/util/virfile.c index bc3faedd4e..e7549197cd 100644 --- a/src/util/virfile.c +++ b/src/util/virfile.c @@ -1503,11 +1503,14 @@ saferead_lim(int fd, size_t max_len, size_t *length) int count; int requested; - if (size + BUFSIZ + 1 > alloc) { + if (alloc < max_len + 1 && + size + BUFSIZ + 1 > alloc) { alloc +=3D alloc / 2; if (alloc < size + BUFSIZ + 1) alloc =3D size + BUFSIZ + 1; + alloc =3D MIN(alloc, max_len + 1); + VIR_REALLOC_N(buf, alloc); } --=20 2.53.0