qtest: Avoid passing raw strings through hmp()

hmp() passes its string argument through the sprintf() family; with a proper attribute, gcc -Wformat warns us when we do something dangerous like passing a non-constant format string. Fortunately, all our strings were safe, but checking whether the string can contain an unintended % is easy to avoid and therefore worth doing. Signed-off-by: N Eric Blake <eblake@redhat.com> Reviewed-by: N Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: N Thomas Huth <thuth@redhat.com> Signed-off-by: N Thomas Huth <thuth@redhat.com>

qtest: Avoid passing raw strings through hmp()
hmp() passes its string argument through the sprintf() family; with a proper attribute, gcc -Wformat warns us when we do something dangerous like passing a non-constant format string. Fortunately, all our strings were safe, but checking whether the string can contain an unintended % is easy to avoid and therefore worth doing. Signed-off-by: N Eric Blake <eblake@redhat.com> Reviewed-by: N Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: N Thomas Huth <thuth@redhat.com> Signed-off-by: N Thomas Huth <thuth@redhat.com>
7b899f4d · Eric Blake · Thomas Huth · 4fb609ad · 7b899f4d · 7b899f4d
隐藏空白更改
内联并排

Showing with 6 addition and 6 deletion

tests/libqtest.h tests/libqtest.h +4 -4

tests/test-hmp.c tests/test-hmp.c +2 -2

未找到文件。
--- a/tests/libqtest.h
+++ b/tests/libqtest.h
@@ -134,14 +134,14 @@ QDict *qtest_qmp_eventwait_ref(QTestState *s, const char *event);
 /**
 * qtest_hmp:
 * @s: #QTestState instance to operate on.
- * @fmt...: HMP command to send to QEMU
+ * @fmt...: HMP command to send to QEMU, formats arguments like sprintf().
 *
 * Send HMP command to QEMU via QMP's human-monitor-command.
 * QMP events are discarded.
 *
 * Returns: the command's output.  The caller should g_free() it.
 */
-char *qtest_hmp(QTestState *s, const char *fmt, ...);
+char *qtest_hmp(QTestState *s, const char *fmt, ...) GCC_FMT_ATTR(2, 3);

 /**
 * qtest_hmpv:
@@ -592,13 +592,13 @@ static inline QDict *qmp_eventwait_ref(const char *event)

 /**
 * hmp:
- * @fmt...: HMP command to send to QEMU
+ * @fmt...: HMP command to send to QEMU, formats arguments like sprintf().
 *
 * Send HMP command to QEMU via QMP's human-monitor-command.
 *
 * Returns: the command's output.  The caller should g_free() it.
 */
-char *hmp(const char *fmt, ...);
+char *hmp(const char *fmt, ...) GCC_FMT_ATTR(1, 2);

 /**
 * get_irq:

--- a/tests/test-hmp.c
+++ b/tests/test-hmp.c
@@ -81,7 +81,7 @@ static void test_commands(void)
        if (verbose) {
            fprintf(stderr, "\t%s\n", hmp_cmds[i]);
        }
-        response = hmp(hmp_cmds[i]);
+        response = hmp("%s", hmp_cmds[i]);
        g_free(response);
    }

@@ -104,7 +104,7 @@ static void test_info_commands(void)
        if (verbose) {
            fprintf(stderr, "\t%s\n", info);
        }
-        resp = hmp(info);
+        resp = hmp("%s", info);
        g_free(resp);
        /* And move forward to the next line */
        info = strchr(endp + 1, '\n');