On Monday, 17 May 2021 13:35:09 CEST Greg Kurz wrote:
> On Sun, 16 May 2021 17:55:34 +0200
>
> Christian Schoenebeck <qemu_...@crudebyte.com> wrote:
> > There is only one comparison between nwnames and P9_MAXWELEM required.
> >
> > Signed-off-by: Christian Schoenebeck <qemu_...@crudebyte.com>
> > ---
>
> Nice catch. It's been there for a decade :)
>
> Reviewed-by: Greg Kurz <gr...@kaod.org>
Now that was a quick response! Queued, thanks! https://github.com/cschoenebeck/qemu/commits/9p.next > > > hw/9pfs/9p.c | 9 +++++---- > > 1 file changed, 5 insertions(+), 4 deletions(-) > > > > diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c > > index 0fa776af09..89aa07db78 100644 > > --- a/hw/9pfs/9p.c > > +++ b/hw/9pfs/9p.c > > @@ -1739,7 +1739,11 @@ static void coroutine_fn v9fs_walk(void *opaque) > > > > trace_v9fs_walk(pdu->tag, pdu->id, fid, newfid, nwnames); > > > > - if (nwnames && nwnames <= P9_MAXWELEM) { > > + if (nwnames > P9_MAXWELEM) { > > + err = -EINVAL; > > + goto out_nofid; > > + } > > + if (nwnames) { > > > > wnames = g_new0(V9fsString, nwnames); > > qids = g_new0(V9fsQID, nwnames); > > for (i = 0; i < nwnames; i++) { > > > > @@ -1753,9 +1757,6 @@ static void coroutine_fn v9fs_walk(void *opaque) > > > > } > > offset += err; > > > > } > > > > - } else if (nwnames > P9_MAXWELEM) { > > - err = -EINVAL; > > - goto out_nofid; > > > > } > > fidp = get_fid(pdu, fid); > > if (fidp == NULL) {
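Review bot: The commit message should state that the first hunk in v9fs_walk() is a restructuring with no functional change, since the new `if (nwnames > P9_MAXWELEM)` exit takes the same `err = -EINVAL; goto out_nofid;` path as the else-if branch removed in the second hunk. A one-line comment above the new check would also help: it now sits directly in front of the `g_new0(V9fsString, nwnames)` and `g_new0(V9fsQID, nwnames)` allocations and the loop bounded by nwnames, and saying that the bound has to be enforced before those keeps a later refactor from moving the check below them.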