>>> On 23.01.19 at 15:59, <andrew.coop...@citrix.com> wrote: > +static inline struct vcpu *domain_vcpu(const struct domain *d, > + unsigned int vcpu_id) > +{ > + unsigned int idx = array_index_nospec(vcpu_id, d->max_vcpus); > + > + return idx >= d->max_vcpus ? NULL : d->vcpu[idx]; > +}
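Review bot: the bounds test in the return statement of domain_vcpu() compares idx, which has already been through array_index_nospec() and is therefore the clamped value, not the caller's input. Test the raw argument and keep idx only for the array access, e.g. `return vcpu_id >= d->max_vcpus ? NULL : d->vcpu[idx];`. A short comment above the helper saying that it returns NULL for an out-of-range vcpu_id would also make the contract clear to callers.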
For an out of bounds incoming vcpu_id, isn't it the case that idx then would be zero? In which case you'd return d->vcpu[0] instead of NULL?

Jan

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel