Re: [Qemu-devel] [PATCH v4 32/47] ivshmem-client: check the number of vectors

Claudio Fontana Tue, 29 Sep 2015 21:40:44 -0700

On 24.09.2015 13:37, marcandre.lur...@redhat.com wrote:
> From: Marc-André Lureau <marcandre.lur...@redhat.com>
> 
> Check the number of vectors received from the server, to avoid
> out of bound array access.
> 
> Signed-off-by: Marc-André Lureau <marcandre.lur...@redhat.com>
> ---
>  contrib/ivshmem-client/ivshmem-client.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/contrib/ivshmem-client/ivshmem-client.c 
> b/contrib/ivshmem-client/ivshmem-client.c
> index 11c805c..01e24a7 100644
> --- a/contrib/ivshmem-client/ivshmem-client.c
> +++ b/contrib/ivshmem-client/ivshmem-client.c
> @@ -128,6 +128,10 @@ ivshmem_client_handle_server_msg(IvshmemClient *client)
>      /* new vector */
>      IVSHMEM_CLIENT_DEBUG(client, "  new vector %d (fd=%d) for peer id %ld\n",
>                           peer->vectors_count, fd, peer->id);
> +    if (peer->vectors_count >= G_N_ELEMENTS(peer->vectors)) {
> +        return -1;
> +    }


Anything we want to print with IVSHMEM_CLIENT_DEBUG ?
The caller will only spew a "ivshmem_client_handle_server_msg() failed\n" in 
this case.

> +
>      peer->vectors[peer->vectors_count] = fd;
>      peer->vectors_count++;
>  
>

Re: [Qemu-devel] [PATCH v4 32/47] ivshmem-client: check the number of vectors

Reply via email to