From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:53008) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aGhU4-0000w1-9G for qemu-devel@nongnu.org; Wed, 06 Jan 2016 01:22:13 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1aGhU1-00046l-3I for qemu-devel@nongnu.org; Wed, 06 Jan 2016 01:22:12 -0500 Received: from mx1.redhat.com ([209.132.183.28]:35859) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aGhU0-00046h-Un for qemu-devel@nongnu.org; Wed, 06 Jan 2016 01:22:09 -0500 Date: Wed, 6 Jan 2016 11:51:58 +0530 (IST) From: P J P In-Reply-To: <568C25EE.4040109@weilnetz.de> Message-ID: References: <1452005723-1494-1-git-send-email-ppandit@redhat.com> <1452005723-1494-2-git-send-email-ppandit@redhat.com> <568C25EE.4040109@weilnetz.de> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Subject: Re: [Qemu-devel] [PATCH for v2.3.0] fw_cfg: add check to validate current entry value List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Stefan Weil Cc: Peter Maydell , Qemu devel +-- On Tue, 5 Jan 2016, Stefan Weil wrote --+ | > - s->cur_offset < e->len) { | > + if (s->cur_entry != FW_CFG_INVALID | > + && s->cur_entry & FW_CFG_WRITE_CHANNEL | > + && e->callback | > + && s->cur_offset < e->len) { | | I suggest to test e != NULL instead of s->cur_entry != FW_CFG_INVALID. | | Of course both variants are equivalent, but e != NULL might be easier | to review and make work of static code analyzers easier, too. Yes, I've sent a revised patch with this change. Thank you. -- Prasad J Pandit / Red Hat Product Security Team 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
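Review bot: In the first added line of the quoted hunk, the guard compares s->cur_entry against FW_CFG_INVALID, but what the following lines actually dereference is e (e->callback and e->len), so the safety of those accesses depends on how e is derived from s->cur_entry, which this hunk does not show. Testing the pointer itself as the first operand, as suggested in the reply (e != NULL), keeps the check next to the dereferences it protects and stays correct if the lookup of e changes later. Separately, the second added line mixes a bitwise test with && ("&& s->cur_entry & FW_CFG_WRITE_CHANNEL"); operator precedence makes it evaluate as intended, but writing it as (s->cur_entry & FW_CFG_WRITE_CHANNEL) would make that obvious to a reader.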