Commit 920639ca authored by Daniel P. Berrangé's avatar Daniel P. Berrangé
Browse files

qga: convert to use error checked base64 decode 



Switch from using g_base64_decode over to qbase64_decode
in order to get error checking of the base64 input data.

Reviewed-by: default avatarEric Blake <eblake@redhat.com>
Signed-off-by: default avatarDaniel P. Berrange <berrange@redhat.com>
parent e9cf2fe0

qga/commands-posix.c

+9 −2
Original line number Diff line number Diff line
@@ -29,6 +29,7 @@ 
#include "qemu/queue.h"

#include "qemu/host-utils.h"

#include "qemu/sockets.h"

#include "qemu/base64.h"



#ifndef CONFIG_HAS_ENVIRON

#ifdef __APPLE__
@@ -525,7 +526,10 @@ GuestFileWrite *qmp_guest_file_write(int64_t handle, const char *buf_b64, 
        gfh->state = RW_STATE_NEW;

    }



    buf = g_base64_decode(buf_b64, &buf_len);

    buf = qbase64_decode(buf_b64, -1, &buf_len, errp);

    if (!buf) {

        return NULL;

    }



    if (!has_count) {

        count = buf_len;
@@ -1963,7 +1967,10 @@ void qmp_guest_set_user_password(const char *username, 
    char *chpasswddata = NULL;

    size_t chpasswdlen;



    rawpasswddata = (char *)g_base64_decode(password, &rawpasswdlen);

    rawpasswddata = (char *)qbase64_decode(password, -1, &rawpasswdlen, errp);

    if (!rawpasswddata) {

        return;

    }

    rawpasswddata = g_renew(char, rawpasswddata, rawpasswdlen + 1);

    rawpasswddata[rawpasswdlen] = '\0';

qga/commands-win32.c

+9 −2
Original line number Diff line number Diff line
@@ -34,6 +34,7 @@ 
#include "qapi/qmp/qerror.h"

#include "qemu/queue.h"

#include "qemu/host-utils.h"

#include "qemu/base64.h"



#ifndef SHTDN_REASON_FLAG_PLANNED

#define SHTDN_REASON_FLAG_PLANNED 0x80000000
@@ -357,7 +358,10 @@ GuestFileWrite *qmp_guest_file_write(int64_t handle, const char *buf_b64, 
        return NULL;

    }

    fh = gfh->fh;

    buf = g_base64_decode(buf_b64, &buf_len);

    buf = qbase64_decode(buf_b64, -1, &buf_len, errp);

    if (!buf) {

        return NULL;

    }



    if (!has_count) {

        count = buf_len;
@@ -1294,7 +1298,10 @@ void qmp_guest_set_user_password(const char *username, 
        return;

    }



    rawpasswddata = (char *)g_base64_decode(password, &rawpasswdlen);

    rawpasswddata = (char *)qbase64_decode(password, -1, &rawpasswdlen, errp);

    if (!rawpasswddata) {

        return;

    }

    rawpasswddata = g_renew(char, rawpasswddata, rawpasswdlen + 1);

    rawpasswddata[rawpasswdlen] = '\0';

qga/commands.c

+12 −1
Original line number Diff line number Diff line
@@ -14,6 +14,7 @@ 
#include "qga/guest-agent-core.h"

#include "qga-qmp-commands.h"

#include "qapi/qmp/qerror.h"

#include "qemu/base64.h"



/* Maximum captured guest-exec out_data/err_data - 16MB */

#define GUEST_EXEC_MAX_OUTPUT (16*1024*1024)
@@ -393,10 +394,19 @@ GuestExec *qmp_guest_exec(const char *path, 
    GIOChannel *in_ch, *out_ch, *err_ch;

    GSpawnFlags flags;

    bool has_output = (has_capture_output && capture_output);

    uint8_t *input = NULL;

    size_t ninput = 0;



    arglist.value = (char *)path;

    arglist.next = has_arg ? arg : NULL;



    if (has_input_data) {

        input = qbase64_decode(input_data, -1, &ninput, err);

        if (!input) {

            return NULL;

        }

    }



    argv = guest_exec_get_args(&arglist, true);

    envp = has_env ? guest_exec_get_args(env, false) : NULL;
@@ -425,7 +435,8 @@ GuestExec *qmp_guest_exec(const char *path, 
    g_child_watch_add(pid, guest_exec_child_watch, gei);



    if (has_input_data) {

        gei->in.data = g_base64_decode(input_data, &gei->in.size);

        gei->in.data = input;

        gei->in.size = ninput;

#ifdef G_OS_WIN32

        in_ch = g_io_channel_win32_new_fd(in_fd);

#else