From nobody Tue May 7 22:14:41 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org ARC-Seal: i=1; a=rsa-sha256; t=1604990201; cv=none; d=zohomail.com; s=zohoarc; b=R6Xs5kQzTDAUw/i0SAtFeq8rzrsepId1gKu53nBJ92mrWl/k5wH8tZA1RNu67Tfr5B9NKv9GpB4GpJp6X1qs6dwXzX/5MxrACIigJsVGqyFxQMzIDzNXEmAqY4iIx26zGwpRpxNHq0im87V+4cKG7qrRiPXWWjzlKVQMFzhIrz0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1604990201; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=9zQfjdbaXwm9QxPLuxa89rV9JfcvYtRv2M0iTZ6m29Y=; b=FFwPZ/OWwl4VOQ4TerlahsJ+lbvWS2tCxYG6GQSSE25qFodxuhrvNrr2WSymFF1u8uq+i57S0swI+YTG0u6MHPisksx/rM0kwgY7RzqSDBgEDq/+pqSqO2/y4ZfPn/TG8rFP3I9t/edbBUnSF+Zi2EgClkTgX9zyr89gUKMalKg= ARC-Authentication-Results: i=1; mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1604990201934222.83409803481595; Mon, 9 Nov 2020 22:36:41 -0800 (PST) Received: from localhost ([::1]:34674 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kcNGi-0000hb-JL for importer@patchew.org; Tue, 10 Nov 2020 01:36:40 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:45480) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kcNFi-0008Aq-Kr for qemu-devel@nongnu.org; Tue, 10 Nov 2020 01:35:38 -0500 Received: from szxga06-in.huawei.com ([45.249.212.32]:2088) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kcNFg-0001TA-8J for qemu-devel@nongnu.org; Tue, 10 Nov 2020 01:35:38 -0500 Received: from DGGEMS401-HUB.china.huawei.com (unknown [172.30.72.60]) by szxga06-in.huawei.com (SkyGuard) with ESMTP id 4CVdQj6t3xzhjJP; Tue, 10 Nov 2020 14:35:25 +0800 (CST) Received: from [10.174.178.136] (10.174.178.136) by DGGEMS401-HUB.china.huawei.com (10.3.19.201) with Microsoft SMTP Server id 14.3.487.0; Tue, 10 Nov 2020 14:35:21 +0800 Subject: [PATCH 1/2] tools/virtiofsd/buffer.c: check whether buf is NULL in fuse_bufvec_advance func From: Haotian Li To: , References: <4bfe8bbd-282f-f271-735d-8892791327e1@huawei.com> Message-ID: <54579ad7-a07a-ebbd-7289-48b68883849c@huawei.com> Date: Tue, 10 Nov 2020 14:35:21 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.1.0 MIME-Version: 1.0 In-Reply-To: <4bfe8bbd-282f-f271-735d-8892791327e1@huawei.com> Content-Transfer-Encoding: quoted-printable X-Originating-IP: [10.174.178.136] X-CFilter-Loop: Reflected Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=45.249.212.32; envelope-from=lihaotian9@huawei.com; helo=szxga06-in.huawei.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/11/10 01:35:31 X-ACL-Warn: Detected OS = Linux 3.1-3.10 [fuzzy] X-Spam_score_int: -41 X-Spam_score: -4.2 X-Spam_bar: ---- X-Spam_report: (-4.2 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: linfeilong@huawei.com, liuzhiqiang26@huawei.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" Content-Type: text/plain; charset="utf-8" In fuse_bufvec_advance func, calling fuse_bufvec_current func may return NULL, so we should check whether buf is NULL before using it. Signed-off-by: Haotian Li Signed-off-by: Zhiqiang Liu Reviewed-by: Stefan Hajnoczi --- tools/virtiofsd/buffer.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tools/virtiofsd/buffer.c b/tools/virtiofsd/buffer.c index 27c1377f22..bdc608c221 100644 --- a/tools/virtiofsd/buffer.c +++ b/tools/virtiofsd/buffer.c @@ -246,6 +246,10 @@ static int fuse_bufvec_advance(struct fuse_bufvec *buf= v, size_t len) { const struct fuse_buf *buf =3D fuse_bufvec_current(bufv); + if (!buf) { + return 0; + } + bufv->off +=3D len; assert(bufv->off <=3D buf->size); if (bufv->off =3D=3D buf->size) { --=20 From nobody Tue May 7 22:14:41 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org ARC-Seal: i=1; a=rsa-sha256; t=1604990356; cv=none; d=zohomail.com; s=zohoarc; b=kFYCXYj2fdRfmsx0kf/kpRbL1uL+pzDJGJnEGpZBRwpwWzaHEaDff2cxsk2N9jc0C6LPPL57+wwEN2jfEYBXjUnLVn0lUGpsMiUNJ6/TDY7a8xDcmRb+7nRkqGiPkeiESU0vBfxNdCo6B+zVON/ZWHzBygP89lZmh7beFqrbGyk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1604990356; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=DJEb2uMg0P5b8g5AlYJtKSg6XpY8MyczkUgatIeUEXs=; b=FAjacBhfzAqaWcZfask3u/0gJ1aFTOj+jAWfYfrkz2E/N4ItcNE3l06QWpcm9Hyc8Eer/eDveN3mZqBesa+SKaq4u+vm8U7nIcrCmEKa3QWsYxhGWXLoPvJidpq65TRNpxkeOHVjCPNCartZVesbwPpqLLRQ2ixGSFq2w4d9wug= ARC-Authentication-Results: i=1; mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1604990356603275.3403603474968; Mon, 9 Nov 2020 22:39:16 -0800 (PST) Received: from localhost ([::1]:37578 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kcNJD-0001yr-C4 for importer@patchew.org; Tue, 10 Nov 2020 01:39:15 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:45850) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kcNHx-0001XD-5X for qemu-devel@nongnu.org; Tue, 10 Nov 2020 01:37:57 -0500 Received: from szxga05-in.huawei.com ([45.249.212.191]:2516) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kcNHv-0002Gb-2p for qemu-devel@nongnu.org; Tue, 10 Nov 2020 01:37:56 -0500 Received: from DGGEMS407-HUB.china.huawei.com (unknown [172.30.72.58]) by szxga05-in.huawei.com (SkyGuard) with ESMTP id 4CVdTM0DMJzhjZv; Tue, 10 Nov 2020 14:37:43 +0800 (CST) Received: from [10.174.178.136] (10.174.178.136) by DGGEMS407-HUB.china.huawei.com (10.3.19.207) with Microsoft SMTP Server id 14.3.487.0; Tue, 10 Nov 2020 14:37:41 +0800 Subject: [PATCH 2/2] virtiofsd: check whether lo_map_reserve returns NULL in main func From: Haotian Li To: , References: <4bfe8bbd-282f-f271-735d-8892791327e1@huawei.com> Message-ID: <015a5bbb-2c78-2b58-8983-9d8d0d64059b@huawei.com> Date: Tue, 10 Nov 2020 14:37:40 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.1.0 MIME-Version: 1.0 In-Reply-To: <4bfe8bbd-282f-f271-735d-8892791327e1@huawei.com> Content-Transfer-Encoding: quoted-printable X-Originating-IP: [10.174.178.136] X-CFilter-Loop: Reflected Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=45.249.212.191; envelope-from=lihaotian9@huawei.com; helo=szxga05-in.huawei.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/11/10 01:17:02 X-ACL-Warn: Detected OS = Linux 3.1-3.10 [fuzzy] X-Spam_score_int: -41 X-Spam_score: -4.2 X-Spam_bar: ---- X-Spam_report: (-4.2 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: linfeilong@huawei.com, liuzhiqiang26@huawei.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" Content-Type: text/plain; charset="utf-8" In main func, func lo_map_reserve is called without NULL check. If reallocing new_elems fails in func lo_map_grow, the func lo_map_reserve may return NULL. We should check whether lo_map_reserve returns NULL before using it. Signed-off-by: Haotian Li Signed-off-by: Zhiqiang Liu Reviewed-by: Stefan Hajnoczi --- tools/virtiofsd/passthrough_ll.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough= _ll.c index ec1008bceb..0c279ff9fb 100644 --- a/tools/virtiofsd/passthrough_ll.c +++ b/tools/virtiofsd/passthrough_ll.c @@ -3433,6 +3433,7 @@ int main(int argc, char *argv[]) .proc_self_fd =3D -1, }; struct lo_map_elem *root_elem; + struct lo_map_elem *reserve_elem; int ret =3D -1; /* Don't mask creation mode, kernel already did that */ @@ -3452,8 +3453,15 @@ int main(int argc, char *argv[]) * [1] Root inode */ lo_map_init(&lo.ino_map); - lo_map_reserve(&lo.ino_map, 0)->in_use =3D false; + reserve_elem =3D lo_map_reserve(&lo.ino_map, 0); + if (!reserve_elem) { + goto err_out1; + } + reserve_elem->in_use =3D false; root_elem =3D lo_map_reserve(&lo.ino_map, lo.root.fuse_ino); + if (!root_elem) { + goto err_out1; + } root_elem->inode =3D &lo.root; lo_map_init(&lo.dirp_map); --=20