[Qemu-devel] [PATCH 5/8] vl.c: numa_add(): Validate nodeid before using
From: Eduardo Habkost
Subject: [Qemu-devel] [PATCH 5/8] vl.c: numa_add(): Validate nodeid before using it
Date: Wed, 16 Jan 2013 16:28:50 -0200
Without this check, QEMU will corrupt memory if a too-large nodeid is
provided in the command-line. e.g.:
-numa node,mem=...,cpus=...,nodeid=65
This changes nodenr to unsigned long long, to avoid integer conversion
issues when converting the strtoull() result to int.
Signed-off-by: Eduardo Habkost <address@hidden>
---
Changes v2:
- Implement change without creation of numa_node_add() function
Changes v3:
- Fix fprintf() format to use "%llu" for unsigned long long nodenr
---
vl.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/vl.c b/vl.c
index dabbba1..b39cd9a 100644
--- a/vl.c
+++ b/vl.c
@@ -1246,7 +1246,7 @@ static void numa_add(const char *optarg)
char option[128];
char *endptr;
unsigned long long value, endvalue;
- int nodenr;
+ unsigned long long nodenr;
value = endvalue = 0ULL;
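Review bot: the new `unsigned long long nodenr` declaration deserves a one-line comment saying why it is not `int`. The commit message explains that the wider type avoids conversion issues with the strtoull() result, but nothing at the declaration does. If a later cleanup narrowed it back to `int`, a large value could convert to a negative or small in-range number, and an upper-bound test against MAX_NODES would no longer cover it. Also worth confirming that every other use of nodenr in numa_add() (only node_mem[nodenr] is visible in this patch) is fine with the wider unsigned type.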
@@ -1267,6 +1267,11 @@ static void numa_add(const char *optarg)
nodenr = strtoull(option, NULL, 10);
}
+ if (nodenr >= MAX_NODES) {
+ fprintf(stderr, "qemu: invalid NUMA nodeid: %llu\n", nodenr);
+ exit(1);
+ }
+
if (get_param_value(option, 128, "mem", optarg) == 0) {
node_mem[nodenr] = 0;
} else {
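Review bot: the strtoull(option, NULL, 10) call in the context just above the new check still passes NULL for endptr, so the range test only rejects values that are too large. A nodeid with trailing garbage or no digits at all is parsed as whatever prefix strtoull() accepts (0 when there are no digits) and then used as the node_mem[] index. Either check endptr here as well, or say in the commit message that this is left to a later patch in the series. Minor: the error message could state the allowed range (0 to MAX_NODES - 1) so the user knows what to correct.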
--
1.7.11.7