[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 1/2] migration: Assert that migrate_multifd_compression() ret
From: |
Juan Quintela |
Subject: |
Re: [PATCH 1/2] migration: Assert that migrate_multifd_compression() returns an in-range value |
Date: |
Fri, 22 Jul 2022 13:00:12 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/28.1 (gnu/linux) |
Peter Maydell <peter.maydell@linaro.org> wrote:
> Coverity complains that when we use the return value from
> migrate_multifd_compression() as an array index:
> multifd_recv_state->ops = multifd_ops[migrate_multifd_compression()];
>
> that this might overrun the array (which is declared to have size
> MULTIFD_COMPRESSION__MAX). This is because the function return type
> is MultiFDCompression, which is an autogenerated enum. The code
> generator includes the "one greater than the maximum possible value"
> MULTIFD_COMPRESSION__MAX in the enum, even though this is not
> actually a valid value for the enum, and this makes Coverity think
> that migrate_multifd_compression() could return that __MAX value and
> index off the end of the array.
>
> Suppress the Coverity error by asserting that the value we're going
> to return is within range.
>
> Resolves: Coverity CID 1487239, 1487254
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Juan Quintela <quintela@redhat.com>