[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH v2 31/45] ivshmem-client: check the number of vector
|
From: |
Marc-André Lureau |
|
Subject: |
[Qemu-devel] [PATCH v2 31/45] ivshmem-client: check the number of vectors |
|
Date: |
Tue, 28 Jul 2015 02:32:43 +0200 |
From: Marc-André Lureau <address@hidden>
Check the number of vectors received from the server, to avoid
out of bound array access.
Signed-off-by: Marc-André Lureau <address@hidden>
---
contrib/ivshmem-client/ivshmem-client.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/contrib/ivshmem-client/ivshmem-client.c
b/contrib/ivshmem-client/ivshmem-client.c
index 11c805c..01e24a7 100644
--- a/contrib/ivshmem-client/ivshmem-client.c
+++ b/contrib/ivshmem-client/ivshmem-client.c
@@ -128,6 +128,10 @@ ivshmem_client_handle_server_msg(IvshmemClient *client)
/* new vector */
IVSHMEM_CLIENT_DEBUG(client, " new vector %d (fd=%d) for peer id %ld\n",
peer->vectors_count, fd, peer->id);
+ if (peer->vectors_count >= G_N_ELEMENTS(peer->vectors)) {
+ return -1;
+ }
+
peer->vectors[peer->vectors_count] = fd;
peer->vectors_count++;
--
2.4.3
- [Qemu-devel] [PATCH v2 20/45] ivshmem: use common return, (continued)
- [Qemu-devel] [PATCH v2 20/45] ivshmem: use common return, Marc-André Lureau, 2015/07/27
- [Qemu-devel] [PATCH v2 21/45] ivshmem: use common is_power_of_2(), Marc-André Lureau, 2015/07/27
- [Qemu-devel] [PATCH v2 22/45] ivshmem: migrate with VMStateDescription, Marc-André Lureau, 2015/07/27
- [Qemu-devel] [PATCH v2 23/45] ivshmem: shmfd can be 0, Marc-André Lureau, 2015/07/27
- [Qemu-devel] [PATCH v2 24/45] ivshmem: check shm isn't already initialized, Marc-André Lureau, 2015/07/27
- [Qemu-devel] [PATCH v2 25/45] ivshmem: add device description, Marc-André Lureau, 2015/07/27
- [Qemu-devel] [PATCH v2 26/45] ivshmem: fix pci_ivshmem_exit(), Marc-André Lureau, 2015/07/27
- [Qemu-devel] [PATCH v2 27/45] ivshmem: replace 'guest' for 'peer' appropriately, Marc-André Lureau, 2015/07/27
- [Qemu-devel] [PATCH v2 28/45] ivshmem: error on too many eventfd received, Marc-André Lureau, 2015/07/27
- [Qemu-devel] [PATCH v2 29/45] ivshmem: reset mask on device reset, Marc-André Lureau, 2015/07/27
- [Qemu-devel] [PATCH v2 31/45] ivshmem-client: check the number of vectors,
Marc-André Lureau <=
- [Qemu-devel] [PATCH v2 32/45] ivshmem-server: use a uint16 for client ID, Marc-André Lureau, 2015/07/27
- [Qemu-devel] [PATCH v2 30/45] contrib: add ivshmem client and server, Marc-André Lureau, 2015/07/27
- [Qemu-devel] [PATCH v2 33/45] ivshmem-server: fix hugetlbfs support, Marc-André Lureau, 2015/07/27
- [Qemu-devel] [PATCH v2 34/45] docs: update ivshmem device spec, Marc-André Lureau, 2015/07/27
- [Qemu-devel] [PATCH v2 35/45] ivshmem: add check on protocol version in QEMU, Marc-André Lureau, 2015/07/27
- [Qemu-devel] [PATCH v2 36/45] contrib: remove unnecessary strdup(), Marc-André Lureau, 2015/07/27
- [Qemu-devel] [PATCH v2 37/45] msix: implement pba write (but read-only), Marc-André Lureau, 2015/07/27