Re: [Qemu-devel] [PATCH v12 11/21] migration: Create multifd packet
From: Dr. David Alan Gilbert
Subject: Re: [Qemu-devel] [PATCH v12 11/21] migration: Create multifd packet
Date: Fri, 11 May 2018 17:36:00 +0100
User-agent: Mutt/1.9.5 (2018-04-13)

* Juan Quintela (address@hidden) wrote:
> "Dr. David Alan Gilbert" <address@hidden> wrote:
> > * Juan Quintela (address@hidden) wrote:
> >> "Dr. David Alan Gilbert" <address@hidden> wrote:
> >> > * Juan Quintela (address@hidden) wrote:
> >> > I think that needs validating to ensure that the source didn't
> >> > send us junk and cause us to overwrite after the end of block->host
> >>
> >> if (offset > block->used_length) {
> >>     error_setg(errp, "multifd: offset too long %" PRId64
> >>                " (max %" PRId64 ")",
> >>                offset, block->max_length);
> >>     return -1;
> >> }
> >> ??
> >
> > It's probably (offset + TARGET_PAGE_SIZE) that needs checking
> > but it needs doing in a wrap-safe way.
> >
>
> if ((offset + TARGET_PAGE_SIZE) < offset) {
>     error_setg(errp, "multifd: offset %" PRId64 " wraps around"
>                " with offset: %" PRId64, offset, block->max_length);
>     return -1;
> }
> if ((offset + TARGET_PAGE_SIZE) > block->used_length) {
>     error_setg(errp, "multifd: offset too long %" PRId64
>                " (max %" PRId64 ")",
>                offset, block->max_length);
>     return -1;
> }
How about:
if (offset > (block->used_length - TARGET_PAGE_SIZE)) {
....
}
(*assuming that block->used_length is always at least a
TARGET_PAGE_SIZE ?)
Dave
> Sometimes I wonder how it is that we don't have
>
> ramblock_contains_range(ramblock, start, size);
>
> But well, c'est la vie.
>
> Later, Juan.
--
Dr. David Alan Gilbert / address@hidden / Manchester, UK
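
The wrap-safe range check discussed in this thread, as an added example that is not part of the original message or of QEMU's code. `demo_block`, `naive_in_range`, `range_in_block` and the 4096-byte `DEMO_PAGE_SIZE` are names and values assumed for illustration; the check goes slightly beyond the thread by also rejecting a block shorter than the requested range instead of assuming that case away.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define DEMO_PAGE_SIZE 4096u  /* assumed value, stands in for TARGET_PAGE_SIZE */

/* Hypothetical stand-in for the one RAM block field that matters here. */
struct demo_block {
    uint64_t used_length;     /* bytes of the block that are valid to write */
};

/* Naive form: offset + size can wrap past UINT64_MAX and pass the test. */
static bool naive_in_range(const struct demo_block *b, uint64_t offset,
                           uint64_t size)
{
    return offset + size <= b->used_length;
}

/*
 * Wrap-safe form: never adds values received from the peer. The first test
 * covers a block shorter than the range, which would otherwise make
 * used_length - size underflow.
 */
static bool range_in_block(const struct demo_block *b, uint64_t offset,
                           uint64_t size)
{
    if (size > b->used_length) {
        return false;
    }
    return offset <= b->used_length - size;
}

int main(void)
{
    struct demo_block blk = { .used_length = 16 * DEMO_PAGE_SIZE };
    /* Constructed offsets: first page, last page, one byte past, near wrap. */
    uint64_t offsets[] = { 0, 15 * DEMO_PAGE_SIZE, 15 * DEMO_PAGE_SIZE + 1,
                           UINT64_MAX - 100 };

    for (size_t i = 0; i < sizeof(offsets) / sizeof(offsets[0]); i++) {
        printf("offset %#llx naive=%d safe=%d\n",
               (unsigned long long)offsets[i],
               naive_in_range(&blk, offsets[i], DEMO_PAGE_SIZE),
               range_in_block(&blk, offsets[i], DEMO_PAGE_SIZE));
    }
    return 0;
}
```

For the last constructed offset the naive check accepts the range because the addition wraps, while the subtraction-based check rejects it.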