|
From: | Fabiano Rosas |
Subject: | Re: [PATCH 04/52] migration/rdma: Drop fragile wr_id formatting |
Date: | Mon, 18 Sep 2023 14:01:35 -0300 |
Markus Armbruster <armbru@redhat.com> writes: > wrid_desc[] uses 4001 pointers to map four integer values to strings. > > print_wrid() accesses wrid_desc[] out of bounds when passed a negative > argument. It returns null for values 2..1999 and 2001..3999. > > qemu_rdma_poll() and qemu_rdma_block_for_wrid() print wrid_desc[wr_id] > and passes print_wrid(wr_id) to tracepoints. Could conceivably crash > trying to format a null string. I believe access out of bounds is not > possible. > > Not worth cleaning up. Dumb down to show just numeric wr_id. > > Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Fabiano Rosas <farosas@suse.de>
[Prev in Thread] | Current Thread | [Next in Thread] |