[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL v2 09/91] Fix vhost user assertion when sending more than one fd
|
From: |
Michael S. Tsirkin |
|
Subject: |
[PULL v2 09/91] Fix vhost user assertion when sending more than one fd |
|
Date: |
Tue, 2 Jul 2024 16:14:16 -0400 |
From: Christian Pötzsch <christian.poetzsch@kernkonzept.com>
If the client sends more than one region this assert triggers. The
reason is that two fd's are 8 bytes and VHOST_MEMORY_BASELINE_NREGIONS
is exactly 8.
The assert is wrong because it should not test for the size of the fd
array, but for the numbers of regions.
Signed-off-by: Christian Pötzsch <christian.poetzsch@kernkonzept.com>
Message-Id: <20240426083313.3081272-1-christian.poetzsch@kernkonzept.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
---
subprojects/libvhost-user/libvhost-user.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/subprojects/libvhost-user/libvhost-user.c
b/subprojects/libvhost-user/libvhost-user.c
index a879149fef..8adb277d54 100644
--- a/subprojects/libvhost-user/libvhost-user.c
+++ b/subprojects/libvhost-user/libvhost-user.c
@@ -568,7 +568,7 @@ vu_message_read_default(VuDev *dev, int conn_fd,
VhostUserMsg *vmsg)
if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
fd_size = cmsg->cmsg_len - CMSG_LEN(0);
vmsg->fd_num = fd_size / sizeof(int);
- assert(fd_size < VHOST_MEMORY_BASELINE_NREGIONS);
+ assert(vmsg->fd_num <= VHOST_MEMORY_BASELINE_NREGIONS);
memcpy(vmsg->fds, CMSG_DATA(cmsg), fd_size);
break;
}
--
MST
- [PULL v2 00/91] virtio: features,fixes, Michael S. Tsirkin, 2024/07/02
- [PULL v2 01/91] vhost: dirty log should be per backend type, Michael S. Tsirkin, 2024/07/02
- [PULL v2 02/91] vhost: Perform memory section dirty scans once per iteration, Michael S. Tsirkin, 2024/07/02
- [PULL v2 03/91] vhost-vdpa: check vhost_vdpa_set_vring_ready() return value, Michael S. Tsirkin, 2024/07/02
- [PULL v2 04/91] virtio/virtio-pci: Handle extra notification data, Michael S. Tsirkin, 2024/07/02
- [PULL v2 05/91] virtio: Prevent creation of device using notification-data with ioeventfd, Michael S. Tsirkin, 2024/07/02
- [PULL v2 06/91] virtio-mmio: Handle extra notification data, Michael S. Tsirkin, 2024/07/02
- [PULL v2 07/91] virtio-ccw: Handle extra notification data, Michael S. Tsirkin, 2024/07/02
- [PULL v2 08/91] vhost/vhost-user: Add VIRTIO_F_NOTIFICATION_DATA to vhost feature bits, Michael S. Tsirkin, 2024/07/02
- [PULL v2 09/91] Fix vhost user assertion when sending more than one fd,
Michael S. Tsirkin <=
- [PULL v2 10/91] vhost-vsock: add VIRTIO_F_RING_PACKED to feature_bits, Michael S. Tsirkin, 2024/07/02
- [PULL v2 11/91] hw/virtio: Fix obtain the buffer id from the last descriptor, Michael S. Tsirkin, 2024/07/02
- [PULL v2 12/91] virtio-pci: only reset pm state during resetting, Michael S. Tsirkin, 2024/07/02
- [PULL v2 13/91] vhost-user-gpu: fix import of DMABUF, Michael S. Tsirkin, 2024/07/02
- [PULL v2 14/91] Revert "vhost-user: fix lost reconnect", Michael S. Tsirkin, 2024/07/02
- [PULL v2 15/91] vhost-user: fix lost reconnect again, Michael S. Tsirkin, 2024/07/02
- [PULL v2 16/91] hw/cxl/mailbox: change CCI cmd set structure to be a member, not a reference, Michael S. Tsirkin, 2024/07/02
- [PULL v2 17/91] hw/cxl/mailbox: interface to add CCI commands to an existing CCI, Michael S. Tsirkin, 2024/07/02
- [PULL v2 18/91] hw/cxl/cxl-mailbox-utils: Add dc_event_log_size field to output payload of identify memory device command, Michael S. Tsirkin, 2024/07/02
- [PULL v2 19/91] hw/cxl/cxl-mailbox-utils: Add dynamic capacity region representative and mailbox command support, Michael S. Tsirkin, 2024/07/02