From patchwork Tue Jul 23 15:09:27 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 813954 Delivered-To: patch@linaro.org Received: by 2002:adf:f288:0:b0:367:895a:4699 with SMTP id k8csp2364371wro; Tue, 23 Jul 2024 08:09:57 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWDWnEOgOg/VTFbqqEL625iYZpjsV5OcOd0wdS98t624gg7P5aNbN3YHFKWizDxtfmpb1BxdaEJ6bPkA2jyUXcs X-Google-Smtp-Source: AGHT+IE6EvBSUsulUS+YoNDDemvbAi4ExJa/QTOmHTBWUWUe5zzuFrBQlXPwVRVA+cKLcp7sq9Oe X-Received: by 2002:ad4:4eaa:0:b0:6b7:4712:c878 with SMTP id 6a1803df08f44-6b96110f4b0mr130068926d6.41.1721747397091; Tue, 23 Jul 2024 08:09:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1721747397; cv=none; d=google.com; s=arc-20160816; b=hEDTDgFdW7fwxf8jrj/x6crktsSRQSKbuDzZxeIpzJxdCCSemwy0DSA8Vtm1XWE5Ou f1RwFxVwlD86x5DbyrQSj0FxNph8RI68Mp7JEihEyhL+noTxpVg66JBXsNMpUP2nSmgL M24+E+dLw+cDs5EPQeGHFxfRZRb4JnXOyeXj6ANrky+HGyf5thB/C12GBDER/1Esu8xK 1ktJ8WMGvdnIRaWr65LQHa13Y9I3b3Lhj19a9LdtyY7ALHqUIuj6CBw+PC/8wfkSu1aG aJunCLD3FSGDg6MMWxi/1eCkAc7/i1h2/QsfUwz0Xkk2nuLeKhIyf/VkawCZiaIFLs0A GUwA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:message-id:date:subject:cc:to:from:dkim-signature; bh=rg4YrdclRSstpDHECHFcor9WAWNBiDqvFJIrnUKj3R4=; fh=FjrT+i5lqgUZkCzlSH9NNLdOos9lt8qEhpmhJ8t3R4c=; b=tMTRejwWybJPm8A7IQX6PnuFM//cW6l+Mpu/gPuGtgDgEfsCi1WYoq2Fsa+P9J5Vnh Vnjqv0ZAlI31sm82N6VOEc0fIQE0QxGgobahU/+0fkRgS0tuScUfPlhn4c3Uu935fvow vR/TXxfUDJ75ziKvgUr0wRH7+vN2AVSp7J4Jt+hYkY4calMath2ltZG+a54YvbXp6NYa U31fHX8JspVhWk/hFUbHqTVaeRHoF5dy7r8/BAe/2C9OasouH0PjuHLP75zg4dEl2UP4 A4PE2c4D0/9kh3+ZXEa9x2JsX+nW8X7xWeEYBWLWx736ZOFgo+lGWSEVn5xjafAzWuPe vQ/A==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=GKeMeaiO; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id 6a1803df08f44-6b7ac7a0bbcsi99061766d6.35.2024.07.23.08.09.56 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Tue, 23 Jul 2024 08:09:57 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=GKeMeaiO; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sWH8x-0005Ic-Gi; Tue, 23 Jul 2024 11:09:35 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sWH8v-0005FD-KP for qemu-devel@nongnu.org; Tue, 23 Jul 2024 11:09:33 -0400 Received: from mail-wr1-x42e.google.com ([2a00:1450:4864:20::42e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sWH8t-0000pv-9Q for qemu-devel@nongnu.org; Tue, 23 Jul 2024 11:09:33 -0400 Received: by mail-wr1-x42e.google.com with SMTP id ffacd0b85a97d-368712acb8dso2719032f8f.2 for ; Tue, 23 Jul 2024 08:09:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1721747369; x=1722352169; darn=nongnu.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=rg4YrdclRSstpDHECHFcor9WAWNBiDqvFJIrnUKj3R4=; b=GKeMeaiOriIEWknnQzu6CMyF+vOC2uOe2lxw3K+k6V0QwPr8Wh6WcDPXTLhsMk8gX6 ZyXalOg2g2AbCe3WGtIY1PMl1Zb57tgcY0RXsyNnhwwFJk2+s/5u/CFoX0Hn3L7J1mr5 ngUtWplxOzwzTVe6e5dWXZ+OCwqOXFBNHslhS1tglJkdWzHgKupeuafy5AkeBwvgitpV MsS3WPltFaX6UGOF//hNYcItpypTrHmeicWO8gqnVYVz32iYdpZIG61lTTDHPBjwiMLQ Nf2AopYzvxGGGoMemHjY42hFl4wuGgO25lLx0TFXAkoUsw1a7HPNS8fo/nmvVKO6i9nZ bcZw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721747369; x=1722352169; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=rg4YrdclRSstpDHECHFcor9WAWNBiDqvFJIrnUKj3R4=; b=KyNp2PBl20rz/ULPPJ19bA0NrUyo+ahTCAW86R4iGGcSXrzGlzJpoMdvq32CGHozBX USWSk+GUZ8nt2EupttaLgUUqfPkBl9C5eVCHrVh8LWobZ2a8jnGkwe0jh2ZoUoypv8qn FIvTWPu36AGyAEb0jOEhtNuFOUdZHn+BR0xNtI1MykV0l7xWZaYidy7fQT01rz9UeFAz KPRslN8ZlD+ylyDMfLWrvzKLzL/bUl0Q+sxj+i9FgMuoUbRRkQWacJRm2xXTC/OjznQL BO45b83uvEGZyLmQnY2TGT05uZrSq8VQhdjSpHuYXt8uijjpViTcowCkQJwJHvdsaeY8 8Y5w== X-Gm-Message-State: AOJu0YzaAp0RdS3618U85ghhk4EE8bVUiPmUJGUoiMjWjoYpZyzARIil LQy1yrCS0TeGEgymyfA693GxCN+qgpMn8gYxyfDTZ0iflrNP5Rpm2e9tP2Bx4p03ZUcVp58gcKb v X-Received: by 2002:adf:fece:0:b0:368:5d2:179 with SMTP id ffacd0b85a97d-369dee56dafmr2550057f8f.56.1721747369254; Tue, 23 Jul 2024 08:09:29 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3687868b33bsm11844377f8f.33.2024.07.23.08.09.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 23 Jul 2024 08:09:29 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Stefan Hajnoczi , Fam Zheng , qemu-block@nongnu.org Subject: [PATCH] util/async.c: Forbid negative min/max in aio_context_set_thread_pool_params() Date: Tue, 23 Jul 2024 16:09:27 +0100 Message-Id: <20240723150927.1396456-1-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::42e; envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x42e.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org aio_context_set_thread_pool_params() takes two int64_t arguments to set the minimum and maximum number of threads in the pool. We do some bounds checking on these, but we don't catch the case where the inputs are negative. This means that later in the function when we assign these inputs to the AioContext::thread_pool_min and ::thread_pool_max fields, which are of type int, the values might overflow the smaller type. A negative number of threads is meaningless, so make aio_context_set_thread_pool_params() return an error if either min or max are negative. Resolves: Coverity CID 1547605 Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daudé --- util/async.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/util/async.c b/util/async.c index 0467890052a..3e3e4fc7126 100644 --- a/util/async.c +++ b/util/async.c @@ -746,7 +746,7 @@ void aio_context_set_thread_pool_params(AioContext *ctx, int64_t min, int64_t max, Error **errp) { - if (min > max || !max || min > INT_MAX || max > INT_MAX) { + if (min > max || max <= 0 || min < 0 || min > INT_MAX || max > INT_MAX) { error_setg(errp, "bad thread-pool-min/thread-pool-max values"); return; }