[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PULL v2 22/45] ipmi: introduce a struct ipmi_sdr_compa
From: |
Cédric Le Goater |
Subject: |
Re: [Qemu-devel] [PULL v2 22/45] ipmi: introduce a struct ipmi_sdr_compact |
Date: |
Tue, 16 Feb 2016 09:11:41 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.0 |
On 02/16/2016 08:45 AM, Paolo Bonzini wrote:
>
>
> On 06/02/2016 20:13, Michael S. Tsirkin wrote:
>>
>> - if (sdr[7] > MAX_SENSORS) {
>> + if (sdr->sensor_owner_number > MAX_SENSORS) {
>
> This is another off-by-one, it should have been >=. Same for all these
> occurrences later in the same file:
>
> hw/ipmi/ipmi_bmc_sim.c: if ((cmd[2] > MAX_SENSORS) ||
> hw/ipmi/ipmi_bmc_sim.c: if ((cmd[2] > MAX_SENSORS) ||
> hw/ipmi/ipmi_bmc_sim.c: if ((cmd[2] > MAX_SENSORS) ||
> hw/ipmi/ipmi_bmc_sim.c: if ((cmd[2] > MAX_SENSORS) ||
> hw/ipmi/ipmi_bmc_sim.c: if ((cmd[2] > MAX_SENSORS) ||
> hw/ipmi/ipmi_bmc_sim.c: if ((cmd[2] > MAX_SENSORS) ||
> hw/ipmi/ipmi_bmc_sim.c: if ((cmd[2] > MAX_SENSORS) ||
I missed that. Here is a patch.
Thanks,
C.
From: Cédric Le Goater <address@hidden>
Subject: [PATCH] ipmi: sensor number should not exceed MAX_SENSORS
Date: Tue, 16 Feb 2016 09:05:44 +0100
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Cédric Le Goater <address@hidden>
---
hw/ipmi/ipmi_bmc_sim.c | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
Index: qemu-powernv.git/hw/ipmi/ipmi_bmc_sim.c
===================================================================
--- qemu-powernv.git.orig/hw/ipmi/ipmi_bmc_sim.c
+++ qemu-powernv.git/hw/ipmi/ipmi_bmc_sim.c
@@ -536,7 +536,7 @@ static void ipmi_init_sensors_from_sdrs(
continue; /* Not a sensor SDR we set from */
}
- if (sdr->sensor_owner_number > MAX_SENSORS) {
+ if (sdr->sensor_owner_number >= MAX_SENSORS) {
continue;
}
sens = s->sensors + sdr->sensor_owner_number;
@@ -1448,7 +1448,7 @@ static void set_sensor_evt_enable(IPMIBm
IPMISensor *sens;
IPMI_CHECK_CMD_LEN(4);
- if ((cmd[2] > MAX_SENSORS) ||
+ if ((cmd[2] >= MAX_SENSORS) ||
!IPMI_SENSOR_GET_PRESENT(ibs->sensors + cmd[2])) {
rsp[2] = IPMI_CC_REQ_ENTRY_NOT_PRESENT;
return;
@@ -1500,7 +1500,7 @@ static void get_sensor_evt_enable(IPMIBm
IPMISensor *sens;
IPMI_CHECK_CMD_LEN(3);
- if ((cmd[2] > MAX_SENSORS) ||
+ if ((cmd[2] >= MAX_SENSORS) ||
!IPMI_SENSOR_GET_PRESENT(ibs->sensors + cmd[2])) {
rsp[2] = IPMI_CC_REQ_ENTRY_NOT_PRESENT;
return;
@@ -1521,7 +1521,7 @@ static void rearm_sensor_evts(IPMIBmcSim
IPMISensor *sens;
IPMI_CHECK_CMD_LEN(4);
- if ((cmd[2] > MAX_SENSORS) ||
+ if ((cmd[2] >= MAX_SENSORS) ||
!IPMI_SENSOR_GET_PRESENT(ibs->sensors + cmd[2])) {
rsp[2] = IPMI_CC_REQ_ENTRY_NOT_PRESENT;
return;
@@ -1543,7 +1543,7 @@ static void get_sensor_evt_status(IPMIBm
IPMISensor *sens;
IPMI_CHECK_CMD_LEN(3);
- if ((cmd[2] > MAX_SENSORS) ||
+ if ((cmd[2] >= MAX_SENSORS) ||
!IPMI_SENSOR_GET_PRESENT(ibs->sensors + cmd[2])) {
rsp[2] = IPMI_CC_REQ_ENTRY_NOT_PRESENT;
return;
@@ -1565,7 +1565,7 @@ static void get_sensor_reading(IPMIBmcSi
IPMISensor *sens;
IPMI_CHECK_CMD_LEN(3);
- if ((cmd[2] > MAX_SENSORS) ||
+ if ((cmd[2] >= MAX_SENSORS) ||
!IPMI_SENSOR_GET_PRESENT(ibs->sensors + cmd[2])) {
rsp[2] = IPMI_CC_REQ_ENTRY_NOT_PRESENT;
return;
@@ -1588,7 +1588,7 @@ static void set_sensor_type(IPMIBmcSim *
IPMI_CHECK_CMD_LEN(5);
- if ((cmd[2] > MAX_SENSORS) ||
+ if ((cmd[2] >= MAX_SENSORS) ||
!IPMI_SENSOR_GET_PRESENT(ibs->sensors + cmd[2])) {
rsp[2] = IPMI_CC_REQ_ENTRY_NOT_PRESENT;
return;
@@ -1607,7 +1607,7 @@ static void get_sensor_type(IPMIBmcSim *
IPMI_CHECK_CMD_LEN(3);
- if ((cmd[2] > MAX_SENSORS) ||
+ if ((cmd[2] >= MAX_SENSORS) ||
!IPMI_SENSOR_GET_PRESENT(ibs->sensors + cmd[2])) {
rsp[2] = IPMI_CC_REQ_ENTRY_NOT_PRESENT;
return;
- [Qemu-devel] [PULL v2 14/45] virtio: combine write of an entry into used ring, (continued)
- [Qemu-devel] [PULL v2 14/45] virtio: combine write of an entry into used ring, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 15/45] hw/pxb: add pxb devices to the bridge category, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 16/45] vhost-user-test: use correct ROM to speed up and avoid spurious failures, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 17/45] hw/pci: ensure that only PCI/PCIe bridges can be attached to pxb/pxb-pcie devices, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 18/45] ipmi: replace goto by a return statement, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 19/45] ipmi: replace *_MAXCMD defines, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 21/45] ipmi: fix SDR length value, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 20/45] ipmi: cleanup error_report messages, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 22/45] ipmi: introduce a struct ipmi_sdr_compact, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 23/45] ipmi: add get and set SENSOR_TYPE commands, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 24/45] ipmi: add GET_SYS_RESTART_CAUSE chassis command, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 25/45] ipmi: add ACPI power and GUID commands, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 27/45] pc: Eliminate struct PcGuestInfoState, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 26/45] pc: Move PcGuestInfo declaration to top of file, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 28/45] pc: Simplify pc_memory_init() signature, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 29/45] pc: Simplify xen_load_linux() signature, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 30/45] acpi: Remove guest_info parameters from functions, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 31/45] acpi: Don't save PcGuestInfo on AcpiBuildState, Michael S. Tsirkin, 2016/02/06
- [Qemu-devel] [PULL v2 32/45] pc: Remove compat fields from PcGuestInfo, Michael S. Tsirkin, 2016/02/06