Re: [Qemu-devel] [RFC 1/4] Fix issue affecting get_int32_le() in vmstate


From: Juan Quintela
Subject: Re: [Qemu-devel] [RFC 1/4] Fix issue affecting get_int32_le() in vmstate.c
Date: Tue, 25 Feb 2014 19:52:18 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)

Alvise Rigo <address@hidden> wrote:
> The method is not behaving in the way it's supposed to. It should return
> the new value only if it's less than the actual one.
>
> Signed-off-by: Alvise Rigo <address@hidden>

See David's patch of this function.  There was a bug, we were doing the
wrong comparison.  But we expect not to change the local value.  We just
want the one that comes in to be less than or equal to the current value
(think of an array size, it is a bad idea to try to read a bigger array
into a smaller one).

BTW, did you find this bug by testing or by code inspection?

thanks, Juan.

> ---
>  vmstate.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/vmstate.c b/vmstate.c
> index 284b080..038b274 100644
> --- a/vmstate.c
> +++ b/vmstate.c
> @@ -326,11 +326,11 @@ const VMStateInfo vmstate_info_int32_equal = {
>  
>  static int get_int32_le(QEMUFile *f, void *pv, size_t size)
>  {
> -    int32_t *old = pv;
> -    int32_t new;
> -    qemu_get_sbe32s(f, &new);
> +    int32_t old = *(int32_t *)pv;
> +    int32_t *new = pv;
> +    qemu_get_sbe32s(f, new);
>  
> -    if (*old <= new) {
> +    if (*new <= old) {
>          return 0;
>      }
>      return -EINVAL;
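Review bot: the replacement lines `int32_t *new = pv;` and `qemu_get_sbe32s(f, new);` write the incoming value straight into the destination field before it is validated, so a load that is rejected with -EINVAL has already clobbered the local value, and an accepted load replaces it as well. If the purpose of this loader is only to validate that the incoming value does not exceed what the destination already holds (the array-size case), keep reading into a local and fix only the comparison direction, e.g. `if (new <= *old)`, leaving `*pv` untouched. The return value of qemu_get_sbe32s() is also still unchecked, so a short stream falls through to the comparison with an uninitialised or stale value.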


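The semantics Juan describes (consume the incoming int32, accept it only if it is less than or equal to the value already held, and never modify the local), as an added stand-alone example. This is not QEMU's code: the `stream_t` type and `stream_get_sbe32()` are constructed stand-ins for QEMUFile and qemu_get_sbe32s(), and `get_int32_le_checked()` and `run_check()` are hypothetical names chosen for this illustration.

```c
/* Added example, not QEMU's code: a stand-alone model of the
 * "less-or-equal" check discussed in the thread.  A migration-stream
 * field is read as a signed big-endian int32 and accepted only if it is
 * <= the value the destination already holds; the destination is never
 * written, so a rejected load leaves the local state intact. */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for QEMUFile: a byte buffer with a read cursor. */
typedef struct {
    const uint8_t *buf;
    size_t len;
    size_t pos;
} stream_t;

/* Constructed stand-in for qemu_get_sbe32s(): read one signed big-endian
 * 32-bit value.  Returns 0 on success, -1 if the stream is too short. */
static int stream_get_sbe32(stream_t *s, int32_t *out)
{
    if (s->len - s->pos < 4) {
        return -1;
    }
    uint32_t v = ((uint32_t)s->buf[s->pos] << 24) |
                 ((uint32_t)s->buf[s->pos + 1] << 16) |
                 ((uint32_t)s->buf[s->pos + 2] << 8) |
                 (uint32_t)s->buf[s->pos + 3];
    s->pos += 4;
    memcpy(out, &v, sizeof(*out));   /* reinterpret the bits as int32_t */
    return 0;
}

/* Validate-only loader (hypothetical name): consume the incoming value,
 * return 0 if it is <= the current local value, -EINVAL otherwise.
 * *pv is only read, never modified. */
static int get_int32_le_checked(stream_t *f, void *pv)
{
    const int32_t *cur = pv;
    int32_t incoming;

    if (stream_get_sbe32(f, &incoming) < 0) {
        return -EINVAL;   /* truncated stream: reject rather than guess */
    }
    if (incoming <= *cur) {
        return 0;
    }
    return -EINVAL;
}

/* Helper (hypothetical name): run the check against a constructed 4-byte
 * stream carrying `wire` and a destination holding `local`.  Returns the
 * loader's result and stores the local value afterwards in *after, so a
 * caller can confirm it was left untouched. */
static int run_check(int32_t wire, int32_t local, int32_t *after)
{
    uint8_t bytes[4] = {
        (uint8_t)((uint32_t)wire >> 24), (uint8_t)((uint32_t)wire >> 16),
        (uint8_t)((uint32_t)wire >> 8),  (uint8_t)(uint32_t)wire,
    };
    stream_t s = { bytes, sizeof(bytes), 0 };
    int rc = get_int32_le_checked(&s, &local);
    *after = local;
    return rc;
}

int main(void)
{
    int32_t after;
    /* An incoming array size of 8 against a local buffer of 16: accepted. */
    printf("8 <= 16 -> %d\n", run_check(8, 16, &after));
    /* An incoming size of 32 against a local buffer of 16: rejected,
     * and the local value is still 16. */
    printf("32 <= 16 -> %d (local still %d)\n",
           run_check(32, 16, &after), after);
    return 0;
}
```

The point of reading into a local first is that the check and the state change are separated: the destination only ever holds a value it already validated, which is what makes the "bigger array into a smaller one" case safe to reject.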
