* [Qemu-devel] [PATCH] spapr_nvram: Check return value from blk_getlength()
@ 2017-06-05 15:14 Peter Maydell
2017-06-05 23:19 ` David Gibson
0 siblings, 1 reply; 2+ messages in thread
From: Peter Maydell @ 2017-06-05 15:14 UTC (permalink / raw)
To: qemu-devel; +Cc: patches, qemu-ppc, Alexander Graf, David Gibson
The blk_getlength() function can return an error value if the
image size cannot be determined. Check for this rather than
ploughing on and trying to g_malloc0() a negative number.
(Spotted by Coverity, CID 1288484.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
hw/nvram/spapr_nvram.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/hw/nvram/spapr_nvram.c b/hw/nvram/spapr_nvram.c
index aa5d2c1..bc355a4 100644
--- a/hw/nvram/spapr_nvram.c
+++ b/hw/nvram/spapr_nvram.c
@@ -144,7 +144,15 @@ static void spapr_nvram_realize(VIOsPAPRDevice *dev, Error **errp)
int ret;
if (nvram->blk) {
- nvram->size = blk_getlength(nvram->blk);
+ int64_t len = blk_getlength(nvram->blk);
+
+ if (len < 0) {
+ error_setg_errno(errp, -len,
+ "could not get length of backing image");
+ return;
+ }
+
+ nvram->size = len;
ret = blk_set_perm(nvram->blk,
BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE,
--
2.7.4
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [Qemu-devel] [PATCH] spapr_nvram: Check return value from blk_getlength()
2017-06-05 15:14 [Qemu-devel] [PATCH] spapr_nvram: Check return value from blk_getlength() Peter Maydell
@ 2017-06-05 23:19 ` David Gibson
0 siblings, 0 replies; 2+ messages in thread
From: David Gibson @ 2017-06-05 23:19 UTC (permalink / raw)
To: Peter Maydell; +Cc: qemu-devel, patches, qemu-ppc, Alexander Graf
[-- Attachment #1: Type: text/plain, Size: 1448 bytes --]
On Mon, Jun 05, 2017 at 04:14:17PM +0100, Peter Maydell wrote:
> The blk_getlength() function can return an error value if the
> image size cannot be determined. Check for this rather than
> ploughing on and trying to g_malloc0() a negative number.
> (Spotted by Coverity, CID 1288484.)
>
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Applied to ppc-for-2.10, thanks.
> ---
> hw/nvram/spapr_nvram.c | 10 +++++++++-
> 1 file changed, 9 insertions(+), 1 deletion(-)
>
> diff --git a/hw/nvram/spapr_nvram.c b/hw/nvram/spapr_nvram.c
> index aa5d2c1..bc355a4 100644
> --- a/hw/nvram/spapr_nvram.c
> +++ b/hw/nvram/spapr_nvram.c
> @@ -144,7 +144,15 @@ static void spapr_nvram_realize(VIOsPAPRDevice *dev, Error **errp)
> int ret;
>
> if (nvram->blk) {
> - nvram->size = blk_getlength(nvram->blk);
> + int64_t len = blk_getlength(nvram->blk);
> +
> + if (len < 0) {
> + error_setg_errno(errp, -len,
> + "could not get length of backing image");
> + return;
> + }
> +
> + nvram->size = len;
>
> ret = blk_set_perm(nvram->blk,
> BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE,
--
David Gibson | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-06-05 23:54 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-06-05 15:14 [Qemu-devel] [PATCH] spapr_nvram: Check return value from blk_getlength() Peter Maydell
2017-06-05 23:19 ` David Gibson
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).