qemu-devel.nongnu.org archive mirror
From: Dima Stepanov <dimastep@yandex-team.ru>
To: Jason Wang <jasowang@redhat.com>
Cc: peter.maydell@linaro.org, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PULL V2 24/26] net: ignore packet size greater than INT_MAX
Date: Tue, 13 Nov 2018 18:41:33 +0300
Message-ID: <20181113154133.GA9113@dimastep-nix>
In-Reply-To: <1539919345-10703-25-git-send-email-jasowang@redhat.com>

Hi Jason,

I know that this patch has already been merged to stable, but I have a
question:

On Fri, Oct 19, 2018 at 11:22:23AM +0800, Jason Wang wrote:
> There should not be a reason for passing a packet size greater than
> INT_MAX. It's usually a hint of bug somewhere, so ignore packet size
> greater than INT_MAX in qemu_deliver_packet_iov()
> 
> CC: qemu-stable@nongnu.org
> Reported-by: Daniel Shapira <daniel@twistlock.com>
> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
> Signed-off-by: Jason Wang <jasowang@redhat.com>
> ---
>  net/net.c | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
> 
> diff --git a/net/net.c b/net/net.c
> index c66847e..07c194a 100644
> --- a/net/net.c
> +++ b/net/net.c
> @@ -712,10 +712,15 @@ ssize_t qemu_deliver_packet_iov(NetClientState *sender,
>                                  void *opaque)
>  {
>      NetClientState *nc = opaque;
> +    size_t size = iov_size(iov, iovcnt);
>      int ret;
>  
> +    if (size > INT_MAX) {
> +        return size;
Is it okay that the function returns ssize_t (signed), but the type of the
size variable is size_t (unsigned)? For now the top-level routine checks
the return value only for 0, but anyway we can return a negative value
here instead of a positive one. What do you think?

Regards, Dima.

> +    }
> +
>      if (nc->link_down) {
> -        return iov_size(iov, iovcnt);
> +        return size;
>      }
>  
>      if (nc->receive_disabled) {
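
Review bot: In the new `if (size > INT_MAX)` branch, `return size;` hands a size_t value above INT_MAX to a function whose return type is ssize_t. Where ssize_t is no wider than int that value is not representable and the conversion result is implementation-defined (typically negative), while on hosts with a wider ssize_t it stays positive, so the same oversized packet yields a different sign depending on the build. If the intent is to report the packet as consumed and drop it, a comment on the branch saying so would help. Since the commit message calls this condition a hint of a bug, a trace point or one-time warning here would also make the drop visible instead of silent.
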
> -- 
> 2.5.0
> 
> 
