[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [PATCH 3/3] Fix issues raised by CodeQL

  • To: "paul@xxxxxxx" <paul@xxxxxxx>, "win-pv-devel@xxxxxxxxxxxxxxxxxxxx" <win-pv-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Owen Smith <owen.smith@xxxxxxxxxx>
  • Date: Tue, 31 Aug 2021 07:23:07 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=XAWSo58tAB7XyFrDmrYLbNTyynSABxu1B+zbHE3tHxQ=; b=iNFb7rZOO8tQBPEVOb3bsf6Tg4IZxK17NmAqibfSu6Z1czMvLRiSfzxEF59Rm8DAAQ7s1IqApxVvXU7hglN2LLf1NihrRJJ4CA8ER56wdH6OddhWdAJBcJ+2oWSU1l37cwY26xjPZv/0kwI1c+ykPvi6qJ4CHHybbs/SLJwgcnVzvKDPFWFhipPjMKgYSWARKFzDOFLcicakuhf7f/0IjgJK0NtOsMdsfyZzXXJDtx92RBUB0wW8V90ZpZX22PJkUMXnnFeRHSHExHOMCgCJZJtM5lt0s2CFqhTyr/0NbdRS8EIphALOnIvuWEN/YaiIWBEXOag20/SCrGH/MZtOtw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RPLDl8muhlxD/t8dXcamvdn6WOuBqbvkKk50YG3iWUX9l1TF/b7cAOU64qDI2g5HDDWnnoxHTfE5oqBd04h2EayZSOwPfoenG95otdS9WP7Cg803zUM1aSUnk/Fr0gYe9UDkULvcZTu7y6QDszl7IWY2nVjdRT508d3uOH2d//AnClBmJfuTvwKer2JNJCEkEBkvJIsHLkWpYCdjUlOBYOyzGvRN4vv5PkMmWlk+rw6xOKrxDpmTNSHi/oMJHF9P3YFyxGlFVn6we8nwBlxw/VYF9MAp3cxIf4LDcOFiRDcFVmG7GFOKtH7XAMlAKaMjI3qREcrDxZq7EdiSjvN2BA==
  • Authentication-results: esa1.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Delivery-date: Tue, 31 Aug 2021 07:23:14 +0000
  • Ironport-hdrordr: A9a23:8CiQd62ud8D4APYQSzC47gqjBQVyeYIsimQD101hICG9Lfb3qy n+ppsmPEHP5Ar5AEtQ5OxoS5PwPU80kqQFr7X5XI3SEzUO3VHIEGgM1/qa/9SNIVydygcZ79 YbT0EcMqywMbEZt7eD3ODQKb9Jq7PrkNHKuQ6d9QYXcegDUdA60+4TMHf+LqQCfnghOXNPLu v62iMonUvERV0nKuCAQlUVVenKoNPG0Lj8ZwQdOhIh4A6SyRu19b/TCXGjr1cjegIK5Y1n3X nOkgT/6Knmmeq80AXg22ja6IkTsMf9y+FEGNeHhqEuW3bRY0eTFcZcso+5zXQISdKUmREXeR 730lEd1vFImjbsl6eO0ELQMkfboW4TAjTZuCClaDPY0LLErXQBepB8bMtiA2rkwltls9dm3K 1R2WWF85JREBPbhSz4o8PFThdwiyOP0DEfeMMo/jViuLElGfdsRE0kjTZoOYZFGDi/5JEsEe FoAs2Z7PFKcUmCZ3ScumV02tSjUnk6Ax/DGyE5y4Go+ikTmGo8w1oTxcQZkHtF/JUhS4Nc7+ CBNqhzjrlBQsIfcKo4DuYcRsm8DHDLXHv3QSivCEWiELtCN2PGqpbx7rlw7Oa2eIYQxJ93g5 jFWEMwjx9FR6svM7z44HRvyGGAfIyQZ0Wf9ihu3ekMhlSnfsuaDcSqciFdr/ed
  • Ironport-sdr: 5v/yx9WIbbHdcTJ9bEG6uwg0f0Tx9OYVlosKNQNpDJOkxKTZK/P0YA4PhaXCnXpkVtT9m1b30n xBFJxifasZcIQKmw8efcb79v/QkycB3bROyb9uP5t0hYMJs1nO9uvS5kDQJWv4Cs0OE30oGZnX MyUpCkSSoeBPHYz9T118BdBRCtqzZ+FL8nSk7n4Bb16PPAFfIi8+Aa0wEcou0f8D5STkrBztzN pBsQ8L+gPMoaljvTyTWOJOJER4DrOARfAOYPsyVTTpVQ/ggr8VBQxO/1X0OUQyJ7ipoRccnFyp deaaOWSAU3L2hTspx6psYd2F
  • List-id: Developer list for the Windows PV Drivers subproject <win-pv-devel.lists.xenproject.org>
  • Thread-index: AQHXjf4exGHV6ONSck6n4EgaC5jYd6t8GwaAgBE6oEA=
  • Thread-topic: [PATCH 3/3] Fix issues raised by CodeQL

-----Original Message-----
From: win-pv-devel <win-pv-devel-bounces@xxxxxxxxxxxxxxxxxxxx> On Behalf Of 
Paul Durrant
Sent: Friday, August 20, 2021 9:15 AM
To: win-pv-devel@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [PATCH 3/3] Fix issues raised by CodeQL

[CAUTION - EXTERNAL EMAIL] DO NOT reply, click links, or open attachments 
unless you have verified the sender and know the content is safe.

On 10/08/2021 16:40, Owen Smith wrote:
> - ExAllocatePoolWithTag is deprecated in Windows 10 2004 and replaced with
>      ExAllocatePool2. Use ExAllocatePoolUninitialized to maintain support for
>      earlier versions of Windows.
> - strtol can fail, check for LONG_MIN or LONG_MAX as indicators of an 
> error

I think these probably ought to be separate patches. As for the strtol() 
change... There also uses of strtoul() (and _strtoui64()) elsewhere. If we're 
going to catch overflow here then ought we not have similar checking there?

   Paul

Only strtol() was flagged as a warning by the newer compiler, not strtoul() or 
_strtoui64(). I only fixed the minimum to get the compile to stop raising 
warnings

Owen

> 
> Signed-off-by: Owen Smith <owen.smith@xxxxxxxxxx>
> ---
>   src/common/util.h      |  4 ++++
>   src/xenfilt/emulated.c | 34 ++++++++++++++++++++++++++--------
>   2 files changed, 30 insertions(+), 8 deletions(-)
> 
> diff --git a/src/common/util.h b/src/common/util.h index 
> eddad4a..36a36dd 100644
> --- a/src/common/util.h
> +++ b/src/common/util.h
> @@ -151,8 +151,12 @@ __AllocatePoolWithTag(
>       __analysis_assume(PoolType == NonPagedPool ||
>                         PoolType == PagedPool);
>   
> +#if (_MSC_VER >= 1928) // VS 16.9 (EWDK 20344 or later)
> +    Buffer = ExAllocatePoolUninitialized(PoolType, NumberOfBytes, 
> +Tag); #else
>   #pragma warning(suppress:28160) // annotation error
>       Buffer = ExAllocatePoolWithTag(PoolType, NumberOfBytes, Tag);
> +#endif
>       if (Buffer == NULL)
>           return NULL;
>   
> diff --git a/src/xenfilt/emulated.c b/src/xenfilt/emulated.c index 
> b7ae510..c0b666e 100644
> --- a/src/xenfilt/emulated.c
> +++ b/src/xenfilt/emulated.c
> @@ -159,9 +159,9 @@ EmulatedSetObjectDiskData(
>       )
>   {
>       PCHAR                               End;
> -    ULONG                               Controller;
> -    ULONG                               Target;
> -    ULONG                               Lun;
> +    LONG                                Controller;
> +    LONG                                Target;
> +    LONG                                Lun;
>       NTSTATUS                            status;
>   
>       UNREFERENCED_PARAMETER(DeviceID); @@ -171,36 +171,54 @@ 
> EmulatedSetObjectDiskData(
>       if (Type != XENFILT_EMULATED_OBJECT_TYPE_IDE)
>           goto fail1;
>   
> +    status = STATUS_INVALID_PARAMETER;
>       Controller = strtol(InstanceID, &End, 10);
> +    if (Controller == LONG_MIN || Controller == LONG_MAX)
> +        goto fail2;
>   
>       status = STATUS_INVALID_PARAMETER;
>       if (*End != '.' || Controller > 1)
> -        goto fail2;
> +        goto fail3;
>   
>       End++;
>   
> +    status = STATUS_INVALID_PARAMETER;
>       Target = strtol(End, &End, 10);
> +    if (Target == LONG_MIN || Target == LONG_MAX)
> +        goto fail4;
>   
>       status = STATUS_INVALID_PARAMETER;
>       if (*End != '.' || Target > 1)
> -        goto fail3;
> +        goto fail5;
>   
>       End++;
>   
> +    status = STATUS_INVALID_PARAMETER;
>       Lun = strtol(End, &End, 10);
> +    if (Lun == LONG_MIN || Lun == LONG_MAX)
> +        goto fail6;
>   
>       status = STATUS_INVALID_PARAMETER;
>       if (*End != '\0')
> -        goto fail4;
> +        goto fail7;
>   
>       status = STATUS_NOT_SUPPORTED;
>       if (Lun != 0)
> -        goto fail5;
> +        goto fail8;
>   
> -    EmulatedObject->Data.Disk.Index = Controller << 1 | Target;
> +    EmulatedObject->Data.Disk.Index = (ULONG)Controller << 1 | 
> + (ULONG)Target;
>   
>       return STATUS_SUCCESS;
>   
> +fail8:
> +    Error("fail8\n");
> +
> +fail7:
> +    Error("fail7\n");
> +
> +fail6:
> +    Error("fail6\n");
> +
>   fail5:
>       Error("fail5\n");
>   
>

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.