On Wed, Feb 28, 2024 at 09:24:07PM +0300, Dan Carpenter wrote:
> The dev->vqs[] array has "dev->vq_num" elements. It's allocated in
> vduse_dev_init_vqs(). Thus, this > comparison needs to be >= to avoid
> reading one element beyond the end of the array.
>
> Add an array_index_nospec() as well
On Thu, Feb 29, 2024 at 3:19 AM Stefan Hajnoczi wrote:
>
> On Wed, 28 Feb 2024 at 13:24, Dan Carpenter wrote:
> >
> > The dev->vqs[] array has "dev->vq_num" elements. It's allocated in
> > vduse_dev_init_vqs(). Thus, this > comparison needs to be >= to avoid
> > reading one element beyond the
On Wed, 28 Feb 2024 at 13:24, Dan Carpenter wrote:
>
> The dev->vqs[] array has "dev->vq_num" elements. It's allocated in
> vduse_dev_init_vqs(). Thus, this > comparison needs to be >= to avoid
> reading one element beyond the end of the array.
>
> Add an array_index_nospec() as well to prevent
The dev->vqs[] array has "dev->vq_num" elements. It's allocated in
vduse_dev_init_vqs(). Thus, this > comparison needs to be >= to avoid
reading one element beyond the end of the array.
Add an array_index_nospec() as well to prevent speculation issues.
Fixes: 316ecd1346b0 ("vduse: Add file
4 matches
Mail list logo
