diff options
| author | David Gibson <david@gibson.dropbear.id.au> | 2025-03-17 20:24:23 +1100 |
|---|---|---|
| committer | Stefano Brivio <sbrivio@redhat.com> | 2025-03-20 20:33:27 +0100 |
| commit | 0857515c943d439eade80710c16f15f146dfa9e8 (patch) | |
| tree | 9ab7ef7aa39ddb8eeb9f58dd8cafb1c8635ff5b4 /contrib/qemu | |
| parent | 9153aca15bc1150e450dd56e79bc035cc2dbf27c (diff) | |
| download | passt-0857515c943d439eade80710c16f15f146dfa9e8.tar passt-0857515c943d439eade80710c16f15f146dfa9e8.tar.gz passt-0857515c943d439eade80710c16f15f146dfa9e8.tar.bz2 passt-0857515c943d439eade80710c16f15f146dfa9e8.tar.lz passt-0857515c943d439eade80710c16f15f146dfa9e8.tar.xz passt-0857515c943d439eade80710c16f15f146dfa9e8.tar.zst passt-0857515c943d439eade80710c16f15f146dfa9e8.zip | |
packet: ASSERT on signs of pool corruption
If packet_check_range() fails in packet_get_try_do() we just return NULL.
But this check only takes places after we've already validated the given
range against the packet it's in. That means that if packet_check_range()
fails, the packet pool is already in a corrupted state (we should have
made strictly stronger checks when the packet was added). Simply returning
NULL and logging a trace() level message isn't really adequate for that
situation; ASSERT instead.
Similarly we check the given idx against both p->count and p->size. The
latter should be redundant, because count should always be <= size. If
that's not the case then, again, the pool is already in a corrupted state
and we may have overwritten unknown memory. Assert for this case too.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Diffstat (limited to 'contrib/qemu')
0 files changed, 0 insertions, 0 deletions