From: Bruce Rogers <brogers@suse.com> To: qemu-devel@nongnu.org Cc: pbonzini@redhat.com, fam@euphon.net, Bruce Rogers <brogers@suse.com> Subject: [Qemu-devel] [PATCH] scsi-disk: handle invalid cdb length Date: Mon, 29 Apr 2019 17:51:09 -0600 [thread overview] Message-ID: <20190429235109.20307-1-brogers@suse.com> (raw) While investigating link-time-optimization, the compiler flagged this case of not handling the error return from scsi_cdb_length(). Handle this error case with a trace report. Signed-off-by: Bruce Rogers <brogers@suse.com> --- hw/scsi/scsi-disk.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c index e7e865ab3b..dc13c892ef 100644 --- a/hw/scsi/scsi-disk.c +++ b/hw/scsi/scsi-disk.c @@ -2520,6 +2520,10 @@ static void scsi_disk_new_request_dump(uint32_t lun, uint32_t tag, uint8_t *buf) int len = scsi_cdb_length(buf); char *line_buffer, *p; + if (len < 0) { + trace_scsi_disk_new_request(lun, tag, "bad cdb length!"); + return; + } line_buffer = g_malloc(len * 5 + 1); for (i = 0, p = line_buffer; i < len; i++) { -- 2.21.0
WARNING: multiple messages have this Message-ID (diff)
From: Bruce Rogers <brogers@suse.com> To: qemu-devel@nongnu.org Cc: fam@euphon.net, pbonzini@redhat.com, Bruce Rogers <brogers@suse.com> Subject: [Qemu-devel] [PATCH] scsi-disk: handle invalid cdb length Date: Mon, 29 Apr 2019 17:51:09 -0600 [thread overview] Message-ID: <20190429235109.20307-1-brogers@suse.com> (raw) Message-ID: <20190429235109.oYpTXEsghUIAABeYGEjK2k1sKX0Ynm831_OcvRRCeDk@z> (raw) While investigating link-time-optimization, the compiler flagged this case of not handling the error return from scsi_cdb_length(). Handle this error case with a trace report. Signed-off-by: Bruce Rogers <brogers@suse.com> --- hw/scsi/scsi-disk.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c index e7e865ab3b..dc13c892ef 100644 --- a/hw/scsi/scsi-disk.c +++ b/hw/scsi/scsi-disk.c @@ -2520,6 +2520,10 @@ static void scsi_disk_new_request_dump(uint32_t lun, uint32_t tag, uint8_t *buf) int len = scsi_cdb_length(buf); char *line_buffer, *p; + if (len < 0) { + trace_scsi_disk_new_request(lun, tag, "bad cdb length!"); + return; + } line_buffer = g_malloc(len * 5 + 1); for (i = 0, p = line_buffer; i < len; i++) { -- 2.21.0
next reply other threads:[~2019-04-29 23:51 UTC|newest] Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top 2019-04-29 23:51 Bruce Rogers [this message] 2019-04-29 23:51 ` [Qemu-devel] [PATCH] scsi-disk: handle invalid cdb length Bruce Rogers 2019-04-30 1:37 ` Eric Blake 2019-04-30 2:04 ` Bruce Rogers 2019-04-30 2:04 ` Bruce Rogers 2019-05-01 16:47 ` no-reply 2019-05-01 16:47 ` no-reply
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20190429235109.20307-1-brogers@suse.com \ --to=brogers@suse.com \ --cc=fam@euphon.net \ --cc=pbonzini@redhat.com \ --cc=qemu-devel@nongnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.