[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 4/4] net: ignore packet size greater than INT_MA
From: |
Michael S. Tsirkin |
Subject: |
Re: [Qemu-devel] [PATCH 4/4] net: ignore packet size greater than INT_MAX |
Date: |
Tue, 25 Sep 2018 10:15:09 -0400 |
On Tue, Sep 25, 2018 at 03:23:27PM +0800, Jason Wang wrote:
> There should not be a reason for passing a packet size greater than
> INT_MAX. It's usually a hint of bug somewhere, so ignore packet size
> greater than INT_MAX in qemu_deliver_packet_iov()
>
> CC: address@hidden
> Reported-by: Daniel Shapira <address@hidden>
> Signed-off-by: Jason Wang <address@hidden>
> ---
> net/net.c | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/net/net.c b/net/net.c
> index fd8efebfdb..df216e3811 100644
> --- a/net/net.c
> +++ b/net/net.c
> @@ -712,10 +712,15 @@ ssize_t qemu_deliver_packet_iov(NetClientState *sender,
> void *opaque)
> {
> NetClientState *nc = opaque;
> + size_t size = iov_size(iov, iovcnt);
> int ret;
>
This adds a useless iov scan on the good path.
Can't be good for performance...
> + if (size > INT_MAX) {
> + return size;
> + }
> +
> if (nc->link_down) {
> - return iov_size(iov, iovcnt);
> + return size;
> }
>
> if (nc->receive_disabled) {
> --
> 2.17.1
- [Qemu-devel] [PATCH 0/4] Fix buffer overflow for packet greater than INT_MAX, Jason Wang, 2018/09/25
- [Qemu-devel] [PATCH 1/4] ne2000: fix possible out of bound access in ne2000_receive, Jason Wang, 2018/09/25
- [Qemu-devel] [PATCH 2/4] rtl8139: fix possible out of bound access, Jason Wang, 2018/09/25
- [Qemu-devel] [PATCH 3/4] pcnet: fix possible buffer overflow, Jason Wang, 2018/09/25
- [Qemu-devel] [PATCH 4/4] net: ignore packet size greater than INT_MAX, Jason Wang, 2018/09/25
- Re: [Qemu-devel] [PATCH 4/4] net: ignore packet size greater than INT_MAX,
Michael S. Tsirkin <=
- Re: [Qemu-devel] [PATCH 0/4] Fix buffer overflow for packet greater than INT_MAX, Michael S. Tsirkin, 2018/09/25