[Qemu-devel] Re: [PATCH 4/7] Make vnc buffer big-chunk aware


From: Alexander Graf
Subject: [Qemu-devel] Re: [PATCH 4/7] Make vnc buffer big-chunk aware
Date: Thu, 29 Jan 2009 16:16:27 +0100





On 29.01.2009, at 16:11, Anthony Liguori <address@hidden> wrote:

Alexander Graf wrote:
Currently writing to buffers is protected by buffer_reserve.
Unfortunately, it reserves at most 1024 bytes more than we currently
have, so if we want to write a 2048 bytes chunk, we overwrite
random memory.


Yikes!

This patch addresses this in a pretty dumb but easy way.

Signed-off-by: Alexander Graf <address@hidden>
---
vnc.c |    2 +-
1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/vnc.c b/vnc.c
index 4b17f85..d0d9580 100644
--- a/vnc.c
+++ b/vnc.c
@@ -592,7 +592,7 @@ static int vnc_listen_poll(void *opaque)
 static void buffer_reserve(Buffer *buffer, size_t len)
{
-    if ((buffer->capacity - buffer->offset) < len) {
+    while ((buffer->capacity - buffer->offset) < len) {
   buffer->capacity += (len + 1024);


Okay, I no longer believe you.

If we want to write len bytes, and we increase capacity by (len + 1024) bytes, then we should be fine. The reason it's len + 1024 vs just len is to avoid many qemu_realloc()s on many small reservations (like for adding u32s).

Ugh. I must've been really tired there :o. You're right, the code does look good.

Alex



Regards,

Anthony Liguori
   buffer->buffer = qemu_realloc(buffer->buffer, buffer->capacity);
   if (buffer->buffer == NULL) {
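Review bot: the `while` on the changed line of buffer_reserve() can never run a second iteration, so it behaves the same as the `if` it replaces. The body does `buffer->capacity += (len + 1024);`, so after one pass the free space (capacity - offset) has grown by len + 1024 and the condition `< len` is already false, provided offset does not exceed capacity on entry. That also means the commit message's statement that at most 1024 extra bytes get reserved does not match the visible code, which reserves len plus 1024. Suggest dropping the change, or, if an overwrite was actually observed, looking for a caller that writes without calling buffer_reserve() with the full length first. Separately, the size_t addition `len + 1024` has no wrap check in the lines shown; if hardening is the goal, that would be the place for it.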





