[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL v3 09/85] Fix vhost user assertion when sending more than one fd
From: |
Michael S. Tsirkin |
Subject: |
[PULL v3 09/85] Fix vhost user assertion when sending more than one fd |
Date: |
Wed, 3 Jul 2024 18:44:52 -0400 |
From: Christian Pötzsch <christian.poetzsch@kernkonzept.com>
If the client sends more than one region this assert triggers. The
reason is that two fd's are 8 bytes and VHOST_MEMORY_BASELINE_NREGIONS
is exactly 8.
The assert is wrong because it should not test for the size of the fd
array, but for the numbers of regions.
Signed-off-by: Christian Pötzsch <christian.poetzsch@kernkonzept.com>
Message-Id: <20240426083313.3081272-1-christian.poetzsch@kernkonzept.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
---
subprojects/libvhost-user/libvhost-user.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/subprojects/libvhost-user/libvhost-user.c
b/subprojects/libvhost-user/libvhost-user.c
index a879149fef..8adb277d54 100644
--- a/subprojects/libvhost-user/libvhost-user.c
+++ b/subprojects/libvhost-user/libvhost-user.c
@@ -568,7 +568,7 @@ vu_message_read_default(VuDev *dev, int conn_fd,
VhostUserMsg *vmsg)
if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
fd_size = cmsg->cmsg_len - CMSG_LEN(0);
vmsg->fd_num = fd_size / sizeof(int);
- assert(fd_size < VHOST_MEMORY_BASELINE_NREGIONS);
+ assert(vmsg->fd_num <= VHOST_MEMORY_BASELINE_NREGIONS);
memcpy(vmsg->fds, CMSG_DATA(cmsg), fd_size);
break;
}
--
MST
- [PULL v3 00/85] virtio: features,fixes, Michael S. Tsirkin, 2024/07/03
- [PULL v3 01/85] vhost: dirty log should be per backend type, Michael S. Tsirkin, 2024/07/03
- [PULL v3 02/85] vhost: Perform memory section dirty scans once per iteration, Michael S. Tsirkin, 2024/07/03
- [PULL v3 03/85] vhost-vdpa: check vhost_vdpa_set_vring_ready() return value, Michael S. Tsirkin, 2024/07/03
- [PULL v3 04/85] virtio/virtio-pci: Handle extra notification data, Michael S. Tsirkin, 2024/07/03
- [PULL v3 05/85] virtio: Prevent creation of device using notification-data with ioeventfd, Michael S. Tsirkin, 2024/07/03
- [PULL v3 06/85] virtio-mmio: Handle extra notification data, Michael S. Tsirkin, 2024/07/03
- [PULL v3 08/85] vhost/vhost-user: Add VIRTIO_F_NOTIFICATION_DATA to vhost feature bits, Michael S. Tsirkin, 2024/07/03
- [PULL v3 09/85] Fix vhost user assertion when sending more than one fd,
Michael S. Tsirkin <=
- [PULL v3 10/85] vhost-vsock: add VIRTIO_F_RING_PACKED to feature_bits, Michael S. Tsirkin, 2024/07/03
- [PULL v3 07/85] virtio-ccw: Handle extra notification data, Michael S. Tsirkin, 2024/07/03
- [PULL v3 11/85] hw/virtio: Fix obtain the buffer id from the last descriptor, Michael S. Tsirkin, 2024/07/03
- [PULL v3 13/85] vhost-user-gpu: fix import of DMABUF, Michael S. Tsirkin, 2024/07/03
- [PULL v3 12/85] virtio-pci: only reset pm state during resetting, Michael S. Tsirkin, 2024/07/03
- [PULL v3 14/85] Revert "vhost-user: fix lost reconnect", Michael S. Tsirkin, 2024/07/03
- [PULL v3 15/85] vhost-user: fix lost reconnect again, Michael S. Tsirkin, 2024/07/03
- [PULL v3 18/85] hw/cxl/cxl-mailbox-utils: Add dc_event_log_size field to output payload of identify memory device command, Michael S. Tsirkin, 2024/07/03
- [PULL v3 16/85] hw/cxl/mailbox: change CCI cmd set structure to be a member, not a reference, Michael S. Tsirkin, 2024/07/03
- [PULL v3 19/85] hw/cxl/cxl-mailbox-utils: Add dynamic capacity region representative and mailbox command support, Michael S. Tsirkin, 2024/07/03