[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v2 06/53] migration/rdma: Fix unwanted integer truncation
From: |
Fabiano Rosas |
Subject: |
Re: [PATCH v2 06/53] migration/rdma: Fix unwanted integer truncation |
Date: |
Thu, 28 Sep 2023 11:20:07 -0300 |
Markus Armbruster <armbru@redhat.com> writes:
> qio_channel_rdma_readv() assigns the size_t value of qemu_rdma_fill()
> to an int variable before it adds it to @done / subtracts it from
> @want, both size_t. Truncation when qemu_rdma_fill() copies more than
> INT_MAX bytes. Seems vanishingly unlikely, but needs fixing all the
> same.
>
> Fixes: 6ddd2d76ca6f (migration: convert RDMA to use QIOChannel interface)
> Signed-off-by: Markus Armbruster <armbru@redhat.com>
> ---
> migration/rdma.c | 14 +++++++-------
> 1 file changed, 7 insertions(+), 7 deletions(-)
>
> diff --git a/migration/rdma.c b/migration/rdma.c
> index 4289346617..5f423f66f0 100644
> --- a/migration/rdma.c
> +++ b/migration/rdma.c
> @@ -2852,7 +2852,7 @@ static ssize_t qio_channel_rdma_readv(QIOChannel *ioc,
> RDMAControlHeader head;
> int ret = 0;
> ssize_t i;
> - size_t done = 0;
> + size_t done = 0, len;
>
> RCU_READ_LOCK_GUARD();
> rdma = qatomic_rcu_read(&rioc->rdmain);
> @@ -2873,9 +2873,9 @@ static ssize_t qio_channel_rdma_readv(QIOChannel *ioc,
> * were given and dish out the bytes until we run
> * out of bytes.
> */
> - ret = qemu_rdma_fill(rdma, data, want, 0);
> - done += ret;
> - want -= ret;
> + len = qemu_rdma_fill(rdma, data, want, 0);
> + done += len;
> + want -= len;
> /* Got what we needed, so go to next iovec */
> if (want == 0) {
> continue;
> @@ -2902,9 +2902,9 @@ static ssize_t qio_channel_rdma_readv(QIOChannel *ioc,
> /*
> * SEND was received with new bytes, now try again.
> */
> - ret = qemu_rdma_fill(rdma, data, want, 0);
> - done += ret;
> - want -= ret;
> + len = qemu_rdma_fill(rdma, data, want, 0);
> + done += len;
> + want -= len;
>
> /* Still didn't get enough, so lets just return */
> if (want) {
Reviewed-by: Fabiano Rosas <farosas@suse.de>
- [PATCH v2 31/53] migration/rdma: Delete inappropriate error_report() in macro ERROR(), (continued)
- [PATCH v2 31/53] migration/rdma: Delete inappropriate error_report() in macro ERROR(), Markus Armbruster, 2023/09/28
- [PATCH v2 43/53] migration/rdma: Convert qemu_rdma_post_recv_control() to Error, Markus Armbruster, 2023/09/28
- [PATCH v2 17/53] migration/rdma: Ditch useless numeric error codes in error messages, Markus Armbruster, 2023/09/28
- [PATCH v2 39/53] migration/rdma: Convert qemu_rdma_write_flush() to Error, Markus Armbruster, 2023/09/28
- [PATCH v2 42/53] migration/rdma: Convert qemu_rdma_post_send_control() to Error, Markus Armbruster, 2023/09/28
- [PATCH v2 23/53] migration/rdma: Fix QEMUFileHooks method return values, Markus Armbruster, 2023/09/28
- [PATCH v2 24/53] migration/rdma: Fix rdma_getaddrinfo() error checking, Markus Armbruster, 2023/09/28
- [PATCH v2 10/53] migration/rdma: Put @errp parameter last, Markus Armbruster, 2023/09/28
- [PATCH v2 13/53] migration/rdma: Drop qemu_rdma_search_ram_block() error handling, Markus Armbruster, 2023/09/28
- [PATCH v2 06/53] migration/rdma: Fix unwanted integer truncation, Markus Armbruster, 2023/09/28
- Re: [PATCH v2 06/53] migration/rdma: Fix unwanted integer truncation,
Fabiano Rosas <=
- [PATCH v2 29/53] migration/rdma: Check negative error values the same way everywhere, Markus Armbruster, 2023/09/28
- [PATCH v2 41/53] migration/rdma: Convert qemu_rdma_write() to Error, Markus Armbruster, 2023/09/28
- [PATCH v2 34/53] migration/rdma: Drop "@errp is clear" guards around error_setg(), Markus Armbruster, 2023/09/28
- [PATCH v2 21/53] migration/rdma: Fix qemu_get_cm_event_timeout() to always set error, Markus Armbruster, 2023/09/28
- [PATCH v2 20/53] migration/rdma: Fix qemu_rdma_broken_ipv6_kernel() to set error, Markus Armbruster, 2023/09/28
- [PATCH v2 33/53] migration/rdma: Fix error handling around rdma_getaddrinfo(), Markus Armbruster, 2023/09/28
- [PATCH v2 30/53] migration/rdma: Plug a memory leak and improve a message, Markus Armbruster, 2023/09/28
- [PATCH v2 25/53] migration/rdma: Return -1 instead of negative errno code, Markus Armbruster, 2023/09/28
- [PATCH v2 35/53] migration/rdma: Convert qemu_rdma_exchange_recv() to Error, Markus Armbruster, 2023/09/28