From f6cf12f0d166001c7958ddc904eff181f03da5e4 Mon Sep 17 00:00:00 2001
Message-Id: <f6cf12f0d166001c7958ddc904eff181f03da5e4.1425657843.git.jen@redhat.com>
From: Markus Armbruster <armbru@redhat.com>
Date: Tue, 22 Nov 2011 09:46:05 +0100
Subject: [CHANGE 01/11] qemu-img: Tighten parsing of size arguments
To: rhvirt-patches@redhat.com,
    jen@redhat.com

strtosz_suffix() fails unless the size is followed by 0, whitespace or
','.  Useless here, because we need to fail for any junk following the
size, even if it starts with whitespace or ','.  Check manually.
Things like "qemu-img create xxx 1024," and "qemu-img convert -S '1024
junk'" are now caught.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
(cherry picked from commit e36b369577784ac59a7d74725368eec66f23ad52)
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Jeff E. Nelson <jen@redhat.com>
---
 qemu-img.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/qemu-img.c b/qemu-img.c
index a736d9d..64fec3c 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -358,8 +358,9 @@ static int img_create(int argc, char **argv)
     /* Get image size, if specified */
     if (optind < argc) {
         int64_t sval;
-        sval = strtosz_suffix(argv[optind++], NULL, STRTOSZ_DEFSUFFIX_B);
-        if (sval < 0) {
+        char *end;
+        sval = strtosz_suffix(argv[optind++], &end, STRTOSZ_DEFSUFFIX_B);
+        if (sval < 0 || *end) {
             error_report("Invalid image size specified! You may use k, M, G or "
                   "T suffixes for ");
             error_report("kilobytes, megabytes, gigabytes and terabytes.");
@@ -1137,8 +1138,9 @@ static int img_convert(int argc, char **argv)
         case 'S':
         {
             int64_t sval;
-            sval = strtosz_suffix(optarg, NULL, STRTOSZ_DEFSUFFIX_B);
-            if (sval < 0) {
+            char *end;
+            sval = strtosz_suffix(optarg, &end, STRTOSZ_DEFSUFFIX_B);
+            if (sval < 0 || *end) {
                 error_report("Invalid minimum zero buffer size for sparse output specified");
                 return 1;
             }
-- 
2.1.0