On Tue, Sep 25, 2018 at 03:23:27PM +0800, Jason Wang wrote:
> There should not be a reason for passing a packet size greater than
> INT_MAX. It's usually a hint of bug somewhere, so ignore packet size
> greater than INT_MAX in qemu_deliver_packet_iov()
>
> CC: qemu-sta...@nongnu.org
> Reported-by: Daniel Shapira <dan...@twistlock.com>
> Signed-off-by: Jason Wang <jasow...@redhat.com>
> ---
> net/net.c | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/net/net.c b/net/net.c
> index fd8efebfdb..df216e3811 100644
> --- a/net/net.c
> +++ b/net/net.c
> @@ -712,10 +712,15 @@ ssize_t qemu_deliver_packet_iov(NetClientState *sender,
> void *opaque)
> {
> NetClientState *nc = opaque;
> + size_t size = iov_size(iov, iovcnt);
> int ret;
>
This adds a useless iov scan on the good path.
Can't be good for performance...
> + if (size > INT_MAX) {
> + return size;
> + }
> +
> if (nc->link_down) {
> - return iov_size(iov, iovcnt);
> + return size;
> }
>
> if (nc->receive_disabled) {
> --
> 2.17.1
