On Mon, Nov 09, 2020 at 04:16:45PM +0100, Max Reitz wrote:
> [Cc-ing Stefan]
>
> On 09.11.20 16:05, Peter Maydell wrote:
> > In vu_blk_discard_write_zeroes(), we read a 32-bit sector count from
> > the descriptor and convert it to a 64-bit byte count. Coverity warns
> > that the left shift is done with 32-bit arithmetic so it might
> > overflow before the conversion to 64-bit happens. Add a cast to
> > avoid this.
>
> This will silence Coverity, but both functions to which range[1] is then
> passed (blk_co_pdiscard() and blk_co_pwrite_zeroes()) only accept ints
> there, so this would only move the overflow to the function call.
>
> Shouldn’t we verify that the number of sectors is in range and return an
> error if it isn’t? (The same probably goes for the starting sector, then,
> too.)

Yes, the input validation from hw/block/virtio-blk.c is missing. I'll
send a patch to add that.

Stefan
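
The overflow and the range check discussed in this thread, as an added C example that is not QEMU code and not the patch Stefan refers to. The 512-byte sector shift, the function names and the `byte_range` struct are assumptions made for the illustration.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define SECTOR_BITS 9 /* assumption: 512-byte sectors */

/* Shift in 32-bit arithmetic: bits above bit 31 are lost before widening. */
uint64_t bytes_shift32(uint32_t num_sectors)
{
    uint32_t narrow = num_sectors << SECTOR_BITS;
    return narrow;
}

/* Widen first, then shift: the byte count is exact but may exceed INT_MAX. */
uint64_t bytes_shift64(uint32_t num_sectors)
{
    return (uint64_t)num_sectors << SECTOR_BITS;
}

struct byte_range { bool ok; int64_t offset; int bytes; }; /* hypothetical */

/* Reject any request whose length would not fit an int parameter, or whose
 * start or end offset would not fit a signed 64-bit byte offset. */
struct byte_range check_range(uint64_t sector, uint32_t num_sectors)
{
    struct byte_range r = { false, 0, 0 };
    if (num_sectors > (uint32_t)(INT_MAX >> SECTOR_BITS))
        return r;
    if (sector > (uint64_t)(INT64_MAX >> SECTOR_BITS))
        return r;
    r.offset = (int64_t)(sector << SECTOR_BITS);
    r.bytes = (int)(num_sectors << SECTOR_BITS);
    if (r.offset > INT64_MAX - r.bytes)
        return r;
    r.ok = true;
    return r;
}

int main(void)
{
    uint32_t n = 0x00800000; /* constructed sector count: 2^23 sectors = 4 GiB */
    printf("32-bit shift: %llu\n", (unsigned long long)bytes_shift32(n));
    printf("64-bit shift: %llu\n", (unsigned long long)bytes_shift64(n));
    printf("accepted: %d\n", check_range(0, n).ok);
    return 0;
}
```

The cast alone yields a correct 64-bit byte count, but a request of 0x00400000 sectors or more still exceeds `INT_MAX` bytes, so only the range check keeps it away from an `int` length parameter.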