Re: [PATCH v2 06/53] migration/rdma: Fix unwanted integer truncation

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 06/53] migration/rdma: Fix unwanted integer truncation

From:	Fabiano Rosas
Subject:	Re: [PATCH v2 06/53] migration/rdma: Fix unwanted integer truncation
Date:	Thu, 28 Sep 2023 11:20:07 -0300

Markus Armbruster <armbru@redhat.com> writes:

> qio_channel_rdma_readv() assigns the size_t value of qemu_rdma_fill()
> to an int variable before it adds it to @done / subtracts it from
> @want, both size_t.  Truncation when qemu_rdma_fill() copies more than
> INT_MAX bytes.  Seems vanishingly unlikely, but needs fixing all the
> same.
>
> Fixes: 6ddd2d76ca6f (migration: convert RDMA to use QIOChannel interface)
> Signed-off-by: Markus Armbruster <armbru@redhat.com>
> ---
>  migration/rdma.c | 14 +++++++-------
>  1 file changed, 7 insertions(+), 7 deletions(-)
>
> diff --git a/migration/rdma.c b/migration/rdma.c
> index 4289346617..5f423f66f0 100644
> --- a/migration/rdma.c
> +++ b/migration/rdma.c
> @@ -2852,7 +2852,7 @@ static ssize_t qio_channel_rdma_readv(QIOChannel *ioc,
>      RDMAControlHeader head;
>      int ret = 0;
>      ssize_t i;
> -    size_t done = 0;
> +    size_t done = 0, len;
>  
>      RCU_READ_LOCK_GUARD();
>      rdma = qatomic_rcu_read(&rioc->rdmain);
> @@ -2873,9 +2873,9 @@ static ssize_t qio_channel_rdma_readv(QIOChannel *ioc,
>           * were given and dish out the bytes until we run
>           * out of bytes.
>           */
> -        ret = qemu_rdma_fill(rdma, data, want, 0);
> -        done += ret;
> -        want -= ret;
> +        len = qemu_rdma_fill(rdma, data, want, 0);
> +        done += len;
> +        want -= len;
>          /* Got what we needed, so go to next iovec */
>          if (want == 0) {
>              continue;
> @@ -2902,9 +2902,9 @@ static ssize_t qio_channel_rdma_readv(QIOChannel *ioc,
>          /*
>           * SEND was received with new bytes, now try again.
>           */
> -        ret = qemu_rdma_fill(rdma, data, want, 0);
> -        done += ret;
> -        want -= ret;
> +        len = qemu_rdma_fill(rdma, data, want, 0);
> +        done += len;
> +        want -= len;
>  
>          /* Still didn't get enough, so lets just return */
>          if (want) {

Reviewed-by: Fabiano Rosas <farosas@suse.de>

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH v2 31/53] migration/rdma: Delete inappropriate error_report() in macro ERROR(), (continued)
- [PATCH v2 31/53] migration/rdma: Delete inappropriate error_report() in macro ERROR(), Markus Armbruster, 2023/09/28
- [PATCH v2 43/53] migration/rdma: Convert qemu_rdma_post_recv_control() to Error, Markus Armbruster, 2023/09/28
- [PATCH v2 17/53] migration/rdma: Ditch useless numeric error codes in error messages, Markus Armbruster, 2023/09/28
- [PATCH v2 39/53] migration/rdma: Convert qemu_rdma_write_flush() to Error, Markus Armbruster, 2023/09/28
- [PATCH v2 42/53] migration/rdma: Convert qemu_rdma_post_send_control() to Error, Markus Armbruster, 2023/09/28
- [PATCH v2 23/53] migration/rdma: Fix QEMUFileHooks method return values, Markus Armbruster, 2023/09/28
- [PATCH v2 24/53] migration/rdma: Fix rdma_getaddrinfo() error checking, Markus Armbruster, 2023/09/28
- [PATCH v2 10/53] migration/rdma: Put @errp parameter last, Markus Armbruster, 2023/09/28
- [PATCH v2 13/53] migration/rdma: Drop qemu_rdma_search_ram_block() error handling, Markus Armbruster, 2023/09/28
- [PATCH v2 06/53] migration/rdma: Fix unwanted integer truncation, Markus Armbruster, 2023/09/28
  - Re: [PATCH v2 06/53] migration/rdma: Fix unwanted integer truncation, Fabiano Rosas <=
- [PATCH v2 29/53] migration/rdma: Check negative error values the same way everywhere, Markus Armbruster, 2023/09/28
  - Re: [PATCH v2 29/53] migration/rdma: Check negative error values the same way everywhere, Fabiano Rosas, 2023/09/29
- [PATCH v2 41/53] migration/rdma: Convert qemu_rdma_write() to Error, Markus Armbruster, 2023/09/28
- [PATCH v2 34/53] migration/rdma: Drop "@errp is clear" guards around error_setg(), Markus Armbruster, 2023/09/28
- [PATCH v2 21/53] migration/rdma: Fix qemu_get_cm_event_timeout() to always set error, Markus Armbruster, 2023/09/28
- [PATCH v2 20/53] migration/rdma: Fix qemu_rdma_broken_ipv6_kernel() to set error, Markus Armbruster, 2023/09/28
- [PATCH v2 33/53] migration/rdma: Fix error handling around rdma_getaddrinfo(), Markus Armbruster, 2023/09/28
- [PATCH v2 30/53] migration/rdma: Plug a memory leak and improve a message, Markus Armbruster, 2023/09/28
- [PATCH v2 25/53] migration/rdma: Return -1 instead of negative errno code, Markus Armbruster, 2023/09/28
- [PATCH v2 35/53] migration/rdma: Convert qemu_rdma_exchange_recv() to Error, Markus Armbruster, 2023/09/28

Prev by Date: Re: [PATCH v1 3/9] qapi: golang: Generate qapi's struct types in Go
Next by Date: Re: [PATCH v1 1/9] qapi: golang: Generate qapi's enum types in Go
Previous by thread: [PATCH v2 06/53] migration/rdma: Fix unwanted integer truncation
Next by thread: [PATCH v2 29/53] migration/rdma: Check negative error values the same way everywhere
Index(es):
- Date
- Thread