OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity

util/filemonitor-inotify: qemu_file_monitor_watch(): assert no overflow

Browse Source 
Prefer clear assertions instead of [im]possible array overflow.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Maksim Davydov <davydov-max@yandex-team.ru>
Message-id: 20231017125941.810461-3-vsementsov@yandex-team.ru
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This commit is contained in:
Vladimir Sementsov-Ogievskiy 2023-11-06 15:00:27 +00:00 committed by Peter Maydell
parent 212c5fe191
commit 2e12dd405c
1 changed files with 17 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
util/filemonitor-inotify.c
View File

@ -81,16 +81,25 @@ static void qemu_file_monitor_watch(void *arg)
/* Loop over all events in the buffer */
while (used < len) {
struct inotify_event *ev =
(struct inotify_event *)(buf + used);
const char *name = ev->len ? ev->name : "";
QFileMonitorDir *dir = g_hash_table_lookup(mon->idmap,
GINT_TO_POINTER(ev->wd));
uint32_t iev = ev->mask &
(IN_CREATE | IN_MODIFY | IN_DELETE | IN_IGNORED |
IN_MOVED_TO | IN_MOVED_FROM | IN_ATTRIB);
const char *name;
QFileMonitorDir *dir;
uint32_t iev;
int qev;
gsize i;
struct inotify_event *ev = (struct inotify_event *)(buf + used);
/*
* We trust the kenel to provide valid buffer with complete event
* records.
*/
assert(len - used >= sizeof(struct inotify_event));
assert(len - used - sizeof(struct inotify_event) >= ev->len);
name = ev->len ? ev->name : "";
dir = g_hash_table_lookup(mon->idmap, GINT_TO_POINTER(ev->wd));
iev = ev->mask &
(IN_CREATE | IN_MODIFY | IN_DELETE | IN_IGNORED |
IN_MOVED_TO | IN_MOVED_FROM | IN_ATTRIB);
used += sizeof(struct inotify_event) + ev->len;