[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 0/2] Fix pointer arithmetic in indirect read for libvhost-user an
|
From: |
Temir Zharaspayev |
|
Subject: |
[PATCH 0/2] Fix pointer arithmetic in indirect read for libvhost-user and libvduse |
|
Date: |
Sat, 13 Jan 2024 04:27:39 +0300 |
Hello! I have found a problem with virtqueue_read_indirect_desc function, which
was advancing pointer to struct as it was a byte pointer, so every element
comming after first chunk would be copied somewhere out of buffer.
As I understand this is cold path, but nevertheless worth fixing.
Also, exacly same problem in vduse_queue_read_indirect_desc function, because
as I understand it is a copy of virtqueue_read_indirect_desc with vduse
backend.
I was not sure if element of scattered buffer may end in the middle of
vring_desc struct data, so instead of writing
desc += read_len/sizeof(struct vring_desc)
have implemented fix with proper byte pointer arithmetic.
Sincerely,
Temir.
Temir Zharaspayev (2):
libvhost-user: Fix pointer arithmetic in indirect read
libvduse: Fix pointer arithmetic in indirect read
subprojects/libvduse/libvduse.c | 11 ++++++-----
subprojects/libvhost-user/libvhost-user.c | 11 ++++++-----
2 files changed, 12 insertions(+), 10 deletions(-)
--
2.34.1
- [PATCH 0/2] Fix pointer arithmetic in indirect read for libvhost-user and libvduse,
Temir Zharaspayev <=