[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v4 1/3] util/main-loop: Fix maximum number of wait objects for wi
From: |
Bin Meng |
Subject: |
[PATCH v4 1/3] util/main-loop: Fix maximum number of wait objects for win32 |
Date: |
Wed, 19 Oct 2022 18:20:13 +0800 |
From: Bin Meng <bin.meng@windriver.com>
The maximum number of wait objects for win32 should be
MAXIMUM_WAIT_OBJECTS, not MAXIMUM_WAIT_OBJECTS + 1.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
---
Changes in v4:
- make the out of bounds access protection explicit
Changes in v3:
- move the check of adding the same HANDLE twice to a separete patch
Changes in v2:
- fix the logic in qemu_add_wait_object() to avoid adding
the same HANDLE twice
util/main-loop.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/util/main-loop.c b/util/main-loop.c
index f00a25451b..de38876064 100644
--- a/util/main-loop.c
+++ b/util/main-loop.c
@@ -363,10 +363,10 @@ void qemu_del_polling_cb(PollingFunc *func, void *opaque)
/* Wait objects support */
typedef struct WaitObjects {
int num;
- int revents[MAXIMUM_WAIT_OBJECTS + 1];
- HANDLE events[MAXIMUM_WAIT_OBJECTS + 1];
- WaitObjectFunc *func[MAXIMUM_WAIT_OBJECTS + 1];
- void *opaque[MAXIMUM_WAIT_OBJECTS + 1];
+ int revents[MAXIMUM_WAIT_OBJECTS];
+ HANDLE events[MAXIMUM_WAIT_OBJECTS];
+ WaitObjectFunc *func[MAXIMUM_WAIT_OBJECTS];
+ void *opaque[MAXIMUM_WAIT_OBJECTS];
} WaitObjects;
static WaitObjects wait_objects = {0};
@@ -395,7 +395,7 @@ void qemu_del_wait_object(HANDLE handle, WaitObjectFunc
*func, void *opaque)
if (w->events[i] == handle) {
found = 1;
}
- if (found) {
+ if (found && i < (MAXIMUM_WAIT_OBJECTS - 1)) {
w->events[i] = w->events[i + 1];
w->func[i] = w->func[i + 1];
w->opaque[i] = w->opaque[i + 1];
--
2.34.1
- [PATCH v4 1/3] util/main-loop: Fix maximum number of wait objects for win32,
Bin Meng <=