qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v3 05/19] nbd/server: Favor [u]int64_t over off_


From: Eric Blake
Subject: Re: [Qemu-devel] [PATCH v3 05/19] nbd/server: Favor [u]int64_t over off_t
Date: Wed, 16 Jan 2019 08:23:52 -0600
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0

On 1/16/19 2:23 AM, Vladimir Sementsov-Ogievskiy wrote:

> 
> Interesting, decided to search a bit, about don't we have an overflow,
> when adding request.offset to exp.dev_offset and found in 
> nbd_co_receive_request:
> 
>      if (request->from > client->exp->size ||
>          request->from + request->len > client->exp->size) {

uint64_t + uint32_t > uint64_t

> 
> shouldn't it be
> 
>      if (request->from > client->exp->size ||
>          request->len > client->exp->size - request->from) {
> 
> to avoid overflow?

You are correct that the canonical way to check for overflow is to
compare against subtraction, rather than do addition before compare.
But we got lucky: even though client->exp->size is uint64_t, in practice
it can only represent at most off_t (remember, off_t is signed), so the
first leg of the branch proves that request->from fits in 63 bits, and
thus the second is performing 63-bit + 32-bit which can be at most 64
bits, and therefore does not overflow.  Still, I might rewrite it.

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]