From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51339) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1X0Sti-00026e-Nb for qemu-devel@nongnu.org; Fri, 27 Jun 2014 05:56:52 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1X0Stb-0004IB-Rk for qemu-devel@nongnu.org; Fri, 27 Jun 2014 05:56:46 -0400 Received: from mx1.redhat.com ([209.132.183.28]:8461) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1X0Stb-0004I3-J1 for qemu-devel@nongnu.org; Fri, 27 Jun 2014 05:56:39 -0400 Received: from int-mx13.intmail.prod.int.phx2.redhat.com (int-mx13.intmail.prod.int.phx2.redhat.com [10.5.11.26]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id s5R9uces027590 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Fri, 27 Jun 2014 05:56:38 -0400 Date: Fri, 27 Jun 2014 11:56:37 +0200 From: Stefan Hajnoczi Message-ID: <20140627095637.GG12061@stefanha-thinkpad.muc.redhat.com> References: <1401970536-18019-1-git-send-email-armbru@redhat.com> <1401970536-18019-4-git-send-email-armbru@redhat.com> <20140620041618.GB11029@stefanha-thinkpad.redhat.com> <87ppi0m2q4.fsf@blackfin.pond.sub.org> <87d2dzhjgf.fsf@blackfin.pond.sub.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="RMedoP2+Pr6Rq0N2" Content-Disposition: inline In-Reply-To: <87d2dzhjgf.fsf@blackfin.pond.sub.org> Subject: Re: [Qemu-devel] [PATCH 3/3] virtio-blk: Treat read/write beyond end as invalid List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Markus Armbruster Cc: kwolf@redhat.com, qemu-devel@nongnu.org, uobergfe@redhat.com --RMedoP2+Pr6Rq0N2 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jun 23, 2014 at 02:57:36PM +0200, Markus Armbruster wrote: > Markus Armbruster writes: >=20 > > Stefan Hajnoczi writes: > > > >> On Thu, Jun 05, 2014 at 02:15:36PM +0200, Markus Armbruster wrote: > >>> + if (sector > total_sectors || nb_sectors > total_sectors - secto= r) { > >>> + return false; > >>> + } > >> > >> if (sector >=3D total_sectors || ...) { > > > > I suspect reading bdrv_check_byte_request() put the '>' in my brain: > > > > if ((offset > len) || (len - offset < size)) > > return -EIO; > > > > Don't we need offset >=3D len here? >=20 > Just remembered: we don't, because we allow I/O at offset len provided > size is zero. >=20 > Same reasoning applies to my patch. Okay. I didn't remember the offset=3Deof length=3D0 thing. Stefan --RMedoP2+Pr6Rq0N2 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJTrT/VAAoJEJykq7OBq3PI2XcH/RBHCO4cQgJiDW3It04Za480 qRm6lFelylkO0NcDaQ1xPlSnwv0HRGgDwjtwcIiB+Ib8VOPfsMf9OUVu70tbZqV0 uVaTM9QmzeypFNsSzCZmGE4yreI2eP7ocIPxs1/JtCFxQZCVoTms7cZRIfPBN2To Nl4/O2uIiV0JhVOb54ReZVp74h0e2aT0NdgdWQGIwcKoSdfzMae3Q7PlgIroBpRY RTTRiRaO95zyEdFGWRt/TpTD0JtfK6ZKkUhF1J+678haKQpWCyUJE3SJK75VLVGF Xtz0v7mdPFXb/BoTh/37Yb92sMxjyHHLcqfSn6+vQZkUe9VNHF5/UB6X3O3lcLI= =/0kA -----END PGP SIGNATURE----- --RMedoP2+Pr6Rq0N2--