On Tue, Aug 24, 2010 at 09:27:41PM +0800, Ken CC wrote: > If pci addr provided from command line is bigger than 32, > PCIBUS_MAX_DEVICES, return error -EINVAL. > > 32 << 3 | 7 == 256 (PCIBUS_MAX_FUNCTIONS) > PCIBUS_MAX_FUNCTIONS = PCIBUS_MAX_DEVICES * PCI_FUNCTIONS_PER_DEVICE
Not really sure what these equations mean, the patch makes sense though, we should validate input. > Signed-off-by: Ken CC <ken.c...@gmail.com> > --- > hw/qdev-properties.c | 4 +++- > 1 files changed, 3 insertions(+), 1 deletions(-) > > diff --git a/hw/qdev-properties.c b/hw/qdev-properties.c > index 9219cd7..565fd08 100644 > --- a/hw/qdev-properties.c > +++ b/hw/qdev-properties.c > @@ -1,5 +1,5 @@ > #include "net.h" > -#include "qdev.h" > +#include "pci.h" > #include "qerror.h" > > void *qdev_get_prop_ptr(DeviceState *dev, Property *prop) > @@ -514,6 +514,8 @@ static int parse_pci_devfn(DeviceState *dev, Property > *prop, const char *str) > return -EINVAL; > } > } > + if (slot >= PCIBUS_MAX_DEVICES) > + return -EINVAL; > if (str[n] != '\0') > return -EINVAL; > if (fn > 7)
