[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH 1/2] x86: drop "index" parameter from get_free_pirq()
>>> On 05.09.12 at 14:36, Andrew Cooper <andrew.cooper3@xxxxxxxxxx> wrote: > On 05/09/12 13:24, Jan Beulich wrote: >> @@ -71,7 +71,7 @@ static int physdev_hvm_map_pirq( >> else >> { >> if ( *pirq < 0 ) >> - *pirq = get_free_pirq(d, type, *index); >> + *pirq = get_free_pirq(d, type); >> ret = map_domain_emuirq_pirq(d, *pirq, *index); > > > Relatedly (and I had already noticed this but not got round to making a > patch because of other more urgent bugs) > > You still have a chance here of passing an error into > map_domain_emuirq_pirq, in the pirq value. This is not a security issue > as map_domain_emuirq_pirq does range check pirq, but may turn into a > problem if the implementation of map_domain_emuirq_pirq changes. I > would say that for correctness sake, physdev_hvm_map_pirq() should range > check get_free_pirq(), even if this will lead to a double range check of > the value. Yes, that would be more clean. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |