qemu-img: Use qemu_strtoul() rather than raw strtoul()

Some of the argument parsing in qemu-img uses strtoul() to parse integer arguments. This is tricky to get correct and in fact the code does not get it right, because it assigns the result of strtoul() to an 'int' variable and then tries to check for > INT_MAX. Coverity correctly complains that the comparison is always false. Rewrite to use qemu_strtoul(), which has a saner convention for reporting conversion failures. (Fixes CID 1356421, CID 1356422, CID 1356423.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1486744104-15590-2-git-send-email-peter.maydell@linaro.org Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-02-10 16:28:23 +00:00 · 2017-02-10 16:28:23 +00:00 · 8b3c679228
parent 3026c4688c
commit 8b3c679228
1 changed files with 16 additions and 16 deletions
--- a/qemu-img.c
+++ b/qemu-img.c
@ -3623,24 +3623,24 @@ static int img_bench(int argc, char **argv)
            break;
        case 'c':
        {
-            char *end;
-            errno = 0;
-            count = strtoul(optarg, &end, 0);
-            if (errno || *end || count > INT_MAX) {
+            unsigned long res;
+
+            if (qemu_strtoul(optarg, NULL, 0, &res) < 0 || res > INT_MAX) {
                error_report("Invalid request count specified");
                return 1;
            }
+            count = res;
            break;
        }
        case 'd':
        {
-            char *end;
-            errno = 0;
-            depth = strtoul(optarg, &end, 0);
-            if (errno || *end || depth > INT_MAX) {
+            unsigned long res;
+
+            if (qemu_strtoul(optarg, NULL, 0, &res) < 0 || res > INT_MAX) {
                error_report("Invalid queue depth specified");
                return 1;
            }
+            depth = res;
            break;
        }
        case 'f':
@ -3707,24 +3707,24 @@ static int img_bench(int argc, char **argv)
            break;
        case OPTION_PATTERN:
        {
-            char *end;
-            errno = 0;
-            pattern = strtoul(optarg, &end, 0);
-            if (errno || *end || pattern > 0xff) {
+            unsigned long res;
+
+            if (qemu_strtoul(optarg, NULL, 0, &res) < 0 || res > 0xff) {
                error_report("Invalid pattern byte specified");
                return 1;
            }
+            pattern = res;
            break;
        }
        case OPTION_FLUSH_INTERVAL:
        {
-            char *end;
-            errno = 0;
-            flush_interval = strtoul(optarg, &end, 0);
-            if (errno || *end || flush_interval > INT_MAX) {
+            unsigned long res;
+
+            if (qemu_strtoul(optarg, NULL, 0, &res) < 0 || res > INT_MAX) {
                error_report("Invalid flush interval specified");
                return 1;
            }
+            flush_interval = res;
            break;
        }
        case OPTION_NO_DRAIN: