[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH V5 06/18] monitor: check return value of qemu_find_n
From: |
Jason Wang |
Subject: |
[Qemu-devel] [PATCH V5 06/18] monitor: check return value of qemu_find_net_clients_except() |
Date: |
Wed, 1 Apr 2015 16:15:00 +0800 |
qemu_find_net_clients_except() may return a value which is greater
than the size of array we provided. So we should check this value
before using it, otherwise this may cause unexpected memory access.
This patch fixes the net related command completion when we have a
virtio-net nic with more than 255 queues.
Cc: Luiz Capitulino <address@hidden>
Signed-off-by: Jason Wang <address@hidden>
---
monitor.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/monitor.c b/monitor.c
index a039edf..2b5643d 100644
--- a/monitor.c
+++ b/monitor.c
@@ -4477,7 +4477,7 @@ void set_link_completion(ReadLineState *rs, int nb_args,
const char *str)
count = qemu_find_net_clients_except(NULL, ncs,
NET_CLIENT_OPTIONS_KIND_NONE,
MAX_QUEUE_NUM);
- for (i = 0; i < count; i++) {
+ for (i = 0; i < MIN(count, MAX_QUEUE_NUM); i++) {
const char *name = ncs[i]->name;
if (!strncmp(str, name, len)) {
readline_add_completion(rs, name);
@@ -4502,7 +4502,7 @@ void netdev_del_completion(ReadLineState *rs, int
nb_args, const char *str)
readline_set_completion_index(rs, len);
count = qemu_find_net_clients_except(NULL, ncs,
NET_CLIENT_OPTIONS_KIND_NIC,
MAX_QUEUE_NUM);
- for (i = 0; i < count; i++) {
+ for (i = 0; i < MIN(count, MAX_QUEUE_NUM); i++) {
QemuOpts *opts;
const char *name = ncs[i]->name;
if (strncmp(str, name, len)) {
@@ -4576,7 +4576,7 @@ void host_net_remove_completion(ReadLineState *rs, int
nb_args, const char *str)
count = qemu_find_net_clients_except(NULL, ncs,
NET_CLIENT_OPTIONS_KIND_NONE,
MAX_QUEUE_NUM);
- for (i = 0; i < count; i++) {
+ for (i = 0; i < MIN(count, MAX_QUEUE_NUM); i++) {
int id;
char name[16];
@@ -4593,7 +4593,7 @@ void host_net_remove_completion(ReadLineState *rs, int
nb_args, const char *str)
count = qemu_find_net_clients_except(NULL, ncs,
NET_CLIENT_OPTIONS_KIND_NIC,
MAX_QUEUE_NUM);
- for (i = 0; i < count; i++) {
+ for (i = 0; i < MIN(count, MAX_QUEUE_NUM); i++) {
int id;
const char *name;
--
2.1.0
- [Qemu-devel] [PATCH V5 00/18] Support more virtio queues, Jason Wang, 2015/04/01
- [Qemu-devel] [PATCH V5 01/18] virtio-net: fix the upper bound when trying to delete queues, Jason Wang, 2015/04/01
- [Qemu-devel] [PATCH V5 02/18] pc: add 2.4 machine types, Jason Wang, 2015/04/01
- [Qemu-devel] [PATCH V5 03/18] spapr: add machine type specific instance init function, Jason Wang, 2015/04/01
- [Qemu-devel] [PATCH V5 04/18] ppc: spapr: add 2.4 machine type, Jason Wang, 2015/04/01
- [Qemu-devel] [PATCH V5 06/18] monitor: check return value of qemu_find_net_clients_except(),
Jason Wang <=
- [Qemu-devel] [PATCH V5 05/18] monitor: replace the magic number 255 with MAX_QUEUE_NUM, Jason Wang, 2015/04/01
- [Qemu-devel] [PATCH V5 07/18] virtio-ccw: using VIRTIO_NO_VECTOR instead of 0 for invalid virtqueue, Jason Wang, 2015/04/01
- [Qemu-devel] [PATCH V5 08/18] virtio: introduce bus specific queue limit, Jason Wang, 2015/04/01
- [Qemu-devel] [PATCH V5 11/18] virtio-mmio: switch to bus specific queue limit, Jason Wang, 2015/04/01
- [Qemu-devel] [PATCH V5 10/18] virtio-s390: switch to bus specific queue limit, Jason Wang, 2015/04/01
- [Qemu-devel] [PATCH V5 09/18] virtio-ccw: introduce ccw specific queue limit, Jason Wang, 2015/04/01
- [Qemu-devel] [PATCH V5 12/18] virtio-pci: switch to use bus specific queue limit, Jason Wang, 2015/04/01
- [Qemu-devel] [PATCH V5 13/18] virtio: introduce vector to virtqueues mapping, Jason Wang, 2015/04/01