[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH for-5.2 2/3] hw/block/nvme: fix uint16_t use of uint32_t sgls
|
From: |
Philippe Mathieu-Daudé |
|
Subject: |
Re: [PATCH for-5.2 2/3] hw/block/nvme: fix uint16_t use of uint32_t sgls member |
|
Date: |
Wed, 4 Nov 2020 12:09:46 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.3.1 |
On 11/4/20 11:22 AM, Klaus Jensen wrote:
> From: Klaus Jensen <k.jensen@samsung.com>
>
> nvme_map_sgl_data erroneously uses the sgls member of NvmeIdNs as a
> uint16_t.
>
> Reported-by: Coverity (CID 1436129)
> Fixes: cba0a8a344fe ("hw/block/nvme: add support for scatter gather lists")
> Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
> ---
> hw/block/nvme.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/block/nvme.c b/hw/block/nvme.c
> index 080d782f1c2b..2bdc50eb6fce 100644
> --- a/hw/block/nvme.c
> +++ b/hw/block/nvme.c
> @@ -452,7 +452,7 @@ static uint16_t nvme_map_sgl_data(NvmeCtrl *n, QEMUSGList
> *qsg,
> * segments and/or descriptors. The controller might accept
> * ignoring the rest of the SGL.
> */
> - uint16_t sgls = le16_to_cpu(n->id_ctrl.sgls);
> + uint32_t sgls = le32_to_cpu(n->id_ctrl.sgls);
> if (sgls & NVME_CTRL_SGLS_EXCESS_LENGTH) {
I'm surprise the compiler doesn't warn here.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
> break;
> }
>