From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:53109)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ehabkost@redhat.com>) id 1YYg5a-0007te-Gt
	for qemu-devel@nongnu.org; Thu, 19 Mar 2015 15:26:43 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ehabkost@redhat.com>) id 1YYg5Z-0005cb-6M
	for qemu-devel@nongnu.org; Thu, 19 Mar 2015 15:26:42 -0400
Received: from mx1.redhat.com ([209.132.183.28]:39691)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ehabkost@redhat.com>) id 1YYg5Y-0005cX-VZ
	for qemu-devel@nongnu.org; Thu, 19 Mar 2015 15:26:41 -0400
From: Eduardo Habkost <ehabkost@redhat.com>
Date: Thu, 19 Mar 2015 16:26:09 -0300
Message-Id: <1426793174-19012-2-git-send-email-ehabkost@redhat.com>
In-Reply-To: <1426793174-19012-1-git-send-email-ehabkost@redhat.com>
References: <1426793174-19012-1-git-send-email-ehabkost@redhat.com>
Subject: [Qemu-devel] [PULL 1/6] numa: Fix off-by-one error at
	MAX_CPUMASK_BITS check
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-devel@nongnu.org, Paolo Bonzini <pbonzini@redhat.com>, Igor Mammedov <imammedo@redhat.com>, =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>, "Michael S. Tsirkin" <mst@redhat.com>

Fix the CPU index check to ensure we don't go beyond the size of the
node_cpu bitmap.

CPU index is always less than MAX_CPUMASK_BITS, as documented at
sysemu.h:

> The following shall be true for all CPUs:
>   cpu->cpu_index < max_cpus <= MAX_CPUMASK_BITS

Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
---
 numa.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/numa.c b/numa.c
index ffbec68..13b2f01 100644
--- a/numa.c
+++ b/numa.c
@@ -76,9 +76,9 @@ static void numa_node_parse(NumaNodeOptions *node, QemuOpts *opts, Error **errp)
     }
 
     for (cpus = node->cpus; cpus; cpus = cpus->next) {
-        if (cpus->value > MAX_CPUMASK_BITS) {
+        if (cpus->value >= MAX_CPUMASK_BITS) {
             error_setg(errp, "CPU number %" PRIu16 " is bigger than %d",
-                       cpus->value, MAX_CPUMASK_BITS);
+                       cpus->value, MAX_CPUMASK_BITS - 1);
             return;
         }
         bitmap_set(numa_info[nodenr].node_cpu, cpus->value, 1);
-- 
2.1.0