All of lore.kernel.org
 help / color / mirror / Atom feed
From: Jason Wang <jasowang@redhat.com>
To: Dima Stepanov <dimastep@yandex-team.ru>
Cc: peter.maydell@linaro.org, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PULL V2 24/26] net: ignore packet size greater than INT_MAX
Date: Thu, 15 Nov 2018 10:47:04 +0800	[thread overview]
Message-ID: <eb191136-36be-1067-ef71-d8203d16aff3@redhat.com> (raw)
In-Reply-To: <20181114162335.GA31235@dimastep-nix>


On 2018/11/15 上午12:23, Dima Stepanov wrote:
> On Wed, Nov 14, 2018 at 10:59:32AM +0800, Jason Wang wrote:
>> On 2018/11/13 下午11:41, Dima Stepanov wrote:
>>> Hi Jason,
>>>
>>> I know that this patch has been already merged to stable, but i have a
>>> question:
>>>
>>> On Fri, Oct 19, 2018 at 11:22:23AM +0800, Jason Wang wrote:
>>>> There should not be a reason for passing a packet size greater than
>>>> INT_MAX. It's usually a hint of bug somewhere, so ignore packet size
>>>> greater than INT_MAX in qemu_deliver_packet_iov()
>>>>
>>>> CC:qemu-stable@nongnu.org
>>>> Reported-by: Daniel Shapira<daniel@twistlock.com>
>>>> Reviewed-by: Michael S. Tsirkin<mst@redhat.com>
>>>> Signed-off-by: Jason Wang<jasowang@redhat.com>
>>>> ---
>>>>   net/net.c | 7 ++++++-
>>>>   1 file changed, 6 insertions(+), 1 deletion(-)
>>>>
>>>> diff --git a/net/net.c b/net/net.c
>>>> index c66847e..07c194a 100644
>>>> --- a/net/net.c
>>>> +++ b/net/net.c
>>>> @@ -712,10 +712,15 @@ ssize_t qemu_deliver_packet_iov(NetClientState *sender,
>>>>                                   void *opaque)
>>>>   {
>>>>       NetClientState *nc = opaque;
>>>> +    size_t size = iov_size(iov, iovcnt);
>>>>       int ret;
>>>> +    if (size > INT_MAX) {
>>>> +        return size;
>>> Is it okay that the function returns ssize_t (signed), but the type of the
>>> size variable is size_t (unsigned)? For now the top level routine checks
>>> the return value only for 0, but anyway we can return negative value
>>> here instead of positive. What do you think?
>>>
>>> Regards, Dima.
>>>
>> Any non zero value should be ok here. Actually I think because of the
>> conversion from size_t to ssize_t, caller actually see negative value?
> I believe it depends. If long (ssize_t and size_t type) is 8 bytes, then
> the routine can sometimes return positive values and sometimes negative.
> I fully agree that in the current case any non zero value should be
> okay. I just wanted to point on the inconsistency in types and as a
> result a return value.


I see, want to post a patch for this?

Thanks


> Dima.
>> Thanks
>>

  reply	other threads:[~2018-11-15  2:47 UTC|newest]

Thread overview: 37+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-10-19  3:21 [Qemu-devel] [PULL V2 00/26] Net patches Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 01/26] filter-rewriter: Add TCP state machine and fix memory leak in connection_track_table Jason Wang
2018-10-29 11:01   ` Peter Maydell
2018-10-30  2:02     ` Jason Wang
2018-10-30  2:29       ` Zhang Chen
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 02/26] colo-compare: implement the process of checkpoint Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 03/26] colo-compare: use notifier to notify packets comparing result Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 04/26] COLO: integrate colo compare with colo frame Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 05/26] COLO: Add block replication into colo process Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 06/26] COLO: Remove colo_state migration struct Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 07/26] COLO: Load dirty pages into SVM's RAM cache firstly Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 08/26] ram/COLO: Record the dirty pages that SVM received Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 09/26] COLO: Flush memory data from ram cache Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 10/26] qmp event: Add COLO_EXIT event to notify users while exited COLO Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 11/26] qapi/migration.json: Rename COLO unknown mode to none mode Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 12/26] qapi: Add new command to query colo status Jason Wang
2018-10-19 15:30   ` Eric Blake
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 13/26] savevm: split the process of different stages for loadvm/savevm Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 14/26] COLO: flush host dirty ram from cache Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 15/26] filter: Add handle_event method for NetFilterClass Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 16/26] filter-rewriter: handle checkpoint and failover event Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 17/26] COLO: notify net filters about checkpoint/failover event Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 18/26] COLO: quick failover process by kick COLO thread Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 19/26] docs: Add COLO status diagram to COLO-FT.txt Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 20/26] clean up callback when del virtqueue Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 21/26] ne2000: fix possible out of bound access in ne2000_receive Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 22/26] rtl8139: fix possible out of bound access Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 23/26] pcnet: fix possible buffer overflow Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 24/26] net: ignore packet size greater than INT_MAX Jason Wang
2018-11-13 15:41   ` Dima Stepanov
2018-11-14  2:59     ` Jason Wang
2018-11-14 16:23       ` Dima Stepanov
2018-11-15  2:47         ` Jason Wang [this message]
2018-11-16  7:48           ` Dima Stepanov
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 25/26] e1000: indicate dropped packets in HW counters Jason Wang
2018-10-19  3:22 ` [Qemu-devel] [PULL V2 26/26] qemu-options: Fix bad "macaddr" property in the documentation Jason Wang
2018-10-19 15:17 ` [Qemu-devel] [PULL V2 00/26] Net patches Peter Maydell

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=eb191136-36be-1067-ef71-d8203d16aff3@redhat.com \
    --to=jasowang@redhat.com \
    --cc=dimastep@yandex-team.ru \
    --cc=peter.maydell@linaro.org \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.