Re: [PATCH 2/2] util/aio-win32: Correct the event array size in aio

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 2/2] util/aio-win32: Correct the event array size in aio_poll

From:	Stefan Weil
Subject:	Re: [PATCH 2/2] util/aio-win32: Correct the event array size in aio_poll()
Date:	Fri, 5 Aug 2022 17:09:24 +0200
User-agent:	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.11.0

Am 05.08.22 um 16:56 schrieb Bin Meng:

From: Bin Meng <bin.meng@windriver.com>

WaitForMultipleObjects() can only wait for MAXIMUM_WAIT_OBJECTS
object handles. Correct the event array size in aio_poll() and
add a assert() to ensure it does not cause out of bound access.

Signed-off-by: Bin Meng <bin.meng@windriver.com>
---

  util/aio-win32.c | 3 ++-
  1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/util/aio-win32.c b/util/aio-win32.c
index 44003d645e..8cf5779567 100644
--- a/util/aio-win32.c
+++ b/util/aio-win32.c
@@ -326,7 +326,7 @@ void aio_dispatch(AioContext *ctx)
  bool aio_poll(AioContext *ctx, bool blocking)
  {
      AioHandler *node;
-    HANDLE events[MAXIMUM_WAIT_OBJECTS + 1];
+    HANDLE events[MAXIMUM_WAIT_OBJECTS];
      bool progress, have_select_revents, first;
      int count;
      int timeout;
@@ -369,6 +369,7 @@ bool aio_poll(AioContext *ctx, bool blocking)
      QLIST_FOREACH_RCU(node, &ctx->aio_handlers, node) {
          if (!node->deleted && node->io_notify
              && aio_node_check(ctx, node->is_external)) {
+            assert(count < MAXIMUM_WAIT_OBJECTS);

Would using g_assert for new code be better? Currently the rest of thatfile (and most QEMU code) uses assert.

count could also be changed from int to unsigned (which matches betterto the unsigned DWORD).


Reviewed-by: Stefan Weil <sw@weilnetz.de>

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH 1/2] util/main-loop: Fix maximum number of wait objects for win32, Bin Meng, 2022/08/05
- [PATCH 2/2] util/aio-win32: Correct the event array size in aio_poll(), Bin Meng, 2022/08/05
  - Re: [PATCH 2/2] util/aio-win32: Correct the event array size in aio_poll(), Stefan Weil <=
    - Re: [PATCH 2/2] util/aio-win32: Correct the event array size in aio_poll(), Bin Meng, 2022/08/09
- Re: [PATCH 1/2] util/main-loop: Fix maximum number of wait objects for win32, Bin Meng, 2022/08/08
  - Re: [PATCH 1/2] util/main-loop: Fix maximum number of wait objects for win32, Philippe Mathieu-Daudé, 2022/08/08
- Re: [PATCH 1/2] util/main-loop: Fix maximum number of wait objects for win32, Marc-André Lureau, 2022/08/09
  - Re: [PATCH 1/2] util/main-loop: Fix maximum number of wait objects for win32, Bin Meng, 2022/08/09

Prev by Date: Re: [PATCH for-7.1 v2 4/5] target/loongarch: Update loongarch-fpu.xml
Next by Date: Re: [PATCH for-7.1 v2 5/5] target/loongarch: Update gdb_set_fpu() and gdb_get_fpu()
Previous by thread: [PATCH 2/2] util/aio-win32: Correct the event array size in aio_poll()
Next by thread: Re: [PATCH 2/2] util/aio-win32: Correct the event array size in aio_poll()
Index(es):
- Date
- Thread