qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed
* [Qemu-devel] [PATCH] pci: fix device paths
@ 2011-01-19 19:24 Michael S. Tsirkin
  2011-01-20  9:41 ` [Qemu-devel] " Christoph Hellwig
  0 siblings, 1 reply; 2+ messages in thread
From: Michael S. Tsirkin @ 2011-01-19 19:24 UTC (permalink / raw)
  To: hch, Anthony Liguori, qemu-devel

Patch a6a7005d14b3c32d4864a718fb1cb19c789f58a5 generated
broken device paths. We snprintf with a length shorter
than the output, so the last character is discarded and replaced
by the null byte. Fix it up by snprintf to a buffer
which is larger by 1 byte and then memcpy the data (without
the null byte) to where we need it.

Reported-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
---

This fixes the issue for me. Could you ack pls?

 hw/pci.c |   16 ++++++++++++----
 1 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/hw/pci.c b/hw/pci.c
index 8d0e3df..c77f6e9 100644
--- a/hw/pci.c
+++ b/hw/pci.c
@@ -2032,10 +2032,13 @@ static char *pcibus_get_dev_path(DeviceState *dev)
      * domain:Bus:Slot.Func for systems without nested PCI bridges.
      * Slot.Function list specifies the slot and function numbers for all
      * devices on the path from root to the specific device. */
-    int domain_len = strlen("DDDD:00");
-    int slot_len = strlen(":SS.F");
+    char domain[] = "DDDD:00";
+    char slot[] = ":SS.F";
+    int domain_len = sizeof domain - 1 /* For '\0' */;
+    int slot_len = sizeof slot - 1 /* For '\0' */;
     int path_len;
     char *path, *p;
+    int s;
 
     /* Calculate # of slots on path between device and root. */;
     slot_depth = 0;
@@ -2050,14 +2053,19 @@ static char *pcibus_get_dev_path(DeviceState *dev)
     path[path_len] = '\0';
 
     /* First field is the domain. */
-    snprintf(path, domain_len, "%04x:00", pci_find_domain(d->bus));
+    s = snprintf(domain, sizeof domain, "%04x:00", pci_find_domain(d->bus));
+    assert(s == domain_len);
+    memcpy(path, domain, domain_len);
 
     /* Fill in slot numbers. We walk up from device to root, so need to print
      * them in the reverse order, last to first. */
     p = path + path_len;
     for (t = d; t; t = t->bus->parent_dev) {
         p -= slot_len;
-        snprintf(p, slot_len, ":%02x.%x", PCI_SLOT(t->devfn), PCI_FUNC(d->devfn));
+        s = snprintf(slot, sizeof slot, ":%02x.%x",
+                     PCI_SLOT(t->devfn), PCI_FUNC(d->devfn));
+        assert(s == slot_len);
+        memcpy(p, slot, slot_len);
     }
 
     return path;
-- 
1.7.3.2.91.g446ac

^ permalink raw reply related	[flat|nested] 2+ messages in thread
* [Qemu-devel] Re: [PATCH] pci: fix device paths
  2011-01-19 19:24 [Qemu-devel] [PATCH] pci: fix device paths Michael S. Tsirkin
@ 2011-01-20  9:41 ` Christoph Hellwig
  0 siblings, 0 replies; 2+ messages in thread
From: Christoph Hellwig @ 2011-01-20  9:41 UTC (permalink / raw)
  To: Michael S. Tsirkin; +Cc: hch, qemu-devel

On Wed, Jan 19, 2011 at 09:24:10PM +0200, Michael S. Tsirkin wrote:
> Patch a6a7005d14b3c32d4864a718fb1cb19c789f58a5 generated
> broken device paths. We snprintf with a length shorter
> than the output, so the last character is discarded and replaced
> by the null byte. Fix it up by snprintf to a buffer
> which is larger by 1 byte and then memcpy the data (without
> the null byte) to where we need it.

This fixed the boot for me.

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2011-01-20  9:41 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-01-19 19:24 [Qemu-devel] [PATCH] pci: fix device paths Michael S. Tsirkin
2011-01-20  9:41 ` [Qemu-devel] " Christoph Hellwig

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).