[Qemu-devel] [PATCH] vl.c: Check -smp option ranges before setting int g

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PATCH] vl.c: Check -smp option ranges before setting int g

From:	Eduardo Habkost
Subject:	[Qemu-devel] [PATCH] vl.c: Check -smp option ranges before setting int globals
Date:	Thu, 5 Jun 2014 19:18:42 -0300
User-agent:	Mutt/1.5.21 (2010-09-15)

When parsing the -smp option, check if the values (that can be anywhere
in the [0, UINT64_MAX] range) are in the int range before setting the
int globals smp_cpus, max_cpus, smp_cores, smp_threads.

Without this, it was posbible to make smp_cpus and max_cpus negative.

Signed-off-by: Eduardo Habkost <address@hidden>
---
 vl.c | 31 ++++++++++++++++++++++++++-----
 1 file changed, 26 insertions(+), 5 deletions(-)

diff --git a/vl.c b/vl.c
index 0c15608..0362f08 100644
--- a/vl.c
+++ b/vl.c
@@ -1393,10 +1393,11 @@ static void smp_parse(QemuOpts *opts)
 {
     if (opts) {
 
-        unsigned cpus    = qemu_opt_get_number(opts, "cpus", 0);
-        unsigned sockets = qemu_opt_get_number(opts, "sockets", 0);
-        unsigned cores   = qemu_opt_get_number(opts, "cores", 0);
-        unsigned threads = qemu_opt_get_number(opts, "threads", 0);
+        uint64_t cpus    = qemu_opt_get_number(opts, "cpus", 0);
+        uint64_t sockets = qemu_opt_get_number(opts, "sockets", 0);
+        uint64_t cores   = qemu_opt_get_number(opts, "cores", 0);
+        uint64_t threads = qemu_opt_get_number(opts, "threads", 0);
+        uint64_t maxcpus = qemu_opt_get_number(opts, "maxcpus", 0);
 
         /* compute missing values, prefer sockets over cores over threads */
         if (cpus == 0 || sockets == 0) {
@@ -1415,8 +1416,28 @@ static void smp_parse(QemuOpts *opts)
             }
         }
 
-        max_cpus = qemu_opt_get_number(opts, "maxcpus", 0);
+        if (cpus > INT_MAX) {
+            fprintf(stderr, "smp: Invalid value for 'cpus': %" PRIu64 "\n",
+                    cpus);
+            exit(1);
+        }
+        if (cores > INT_MAX) {
+            fprintf(stderr, "smp: Invalid value for 'cores': %" PRIu64 "\n",
+                    cores);
+            exit(1);
+        }
+        if (threads > INT_MAX) {
+            fprintf(stderr, "smp: Invalid value for 'threads': %" PRIu64 "\n",
+                    threads);
+            exit(1);
+        }
+        if (maxcpus > INT_MAX) {
+            fprintf(stderr, "smp: Invalid value for 'maxcpus': %" PRIu64 "\n",
+                    maxcpus);
+            exit(1);
+        }
 
+        max_cpus = maxcpus;
         smp_cpus = cpus;
         smp_cores = cores > 0 ? cores : 1;
         smp_threads = threads > 0 ? threads : 1;
-- 
1.9.0

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH] vl.c: Check -smp option ranges before setting int globals, Eduardo Habkost <=
- Re: [Qemu-devel] [PATCH] vl.c: Check -smp option ranges before setting int globals, Markus Armbruster, 2014/06/06
  - Re: [Qemu-devel] [PATCH] vl.c: Check -smp option ranges before setting int globals, Eduardo Habkost, 2014/06/06

Prev by Date: Re: [Qemu-devel] [PATCH v2 0/2] Restore kvm-type option support on -machine pseries
Next by Date: Re: [Qemu-devel] [RFC 0/2] GET_EMULATED_CPUID support with "allow-emulation" option
Previous by thread: Re: [Qemu-devel] [PATCH v27 19/33] QemuOpts: export qemu_opt_find
Next by thread: Re: [Qemu-devel] [PATCH] vl.c: Check -smp option ranges before setting int globals
Index(es):
- Date
- Thread