Message ID | 20190214201939.494-2-philmd@redhat.com |
---|---|
State | New |
Series | ccid-card-passthru: check buffer size parameter |
On 2/14/19 2:19 PM, Philippe Mathieu-Daudé wrote:
> chardev::read() depends of what chardev::can_read() returns, move the

s/of/on/

> assertion to can_read().
>
> Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
> ---
> hw/usb/ccid-card-passthru.c | 5 ++---
> 1 file changed, 2 insertions(+), 3 deletions(-)
>
On Thu, Feb 14, 2019 at 09:19:31PM +0100, Philippe Mathieu-Daudé wrote: >chardev::read() depends of what chardev::can_read() returns, move the >assertion to can_read(). > >Suggested-by: Paolo Bonzini <pbonzini@redhat.com> >Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> >--- > hw/usb/ccid-card-passthru.c | 5 ++--- > 1 file changed, 2 insertions(+), 3 deletions(-) > >diff --git a/hw/usb/ccid-card-passthru.c b/hw/usb/ccid-card-passthru.c >index 0a6c657228..8bb1314f49 100644 >--- a/hw/usb/ccid-card-passthru.c >+++ b/hw/usb/ccid-card-passthru.c >@@ -116,8 +116,8 @@ static int ccid_card_vscard_can_read(void *opaque) > { > PassthruState *card = opaque; > >- return VSCARD_IN_SIZE >= card->vscard_in_pos ? >- VSCARD_IN_SIZE - card->vscard_in_pos : 0; >+ assert(card->vscard_in_pos <= VSCARD_IN_SIZE); Do you have special reason change "<" to "<="? >+ return VSCARD_IN_SIZE - card->vscard_in_pos; > } > > static void ccid_card_vscard_handle_init( >@@ -282,7 +282,6 @@ static void ccid_card_vscard_read(void *opaque, const uint8_t *buf, int size) > ccid_card_vscard_drop_connection(card); > return; > } >- assert(card->vscard_in_pos < VSCARD_IN_SIZE); > assert(card->vscard_in_hdr < VSCARD_IN_SIZE); > memcpy(card->vscard_in_data + card->vscard_in_pos, buf, size); > card->vscard_in_pos += size; >-- >2.20.1 >
Hi On Thu, Feb 14, 2019 at 9:19 PM Philippe Mathieu-Daudé <philmd@redhat.com> wrote: > > chardev::read() depends of what chardev::can_read() returns, move the > assertion to can_read(). > > Suggested-by: Paolo Bonzini <pbonzini@redhat.com> > Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Moving to can_read() makes sense, because nothing (except the chardev BREAK event) should update vscard_in_pos between the can_read() and read() callback. Changing the condition from < to <= could use some explanation. The can_read() callback should handle the case where the vscard_in buffer is full (adding = is necessary). And the read() callback should not be called with size == 0, when card->vscard_in_pos == VSCARD_IN_SIZE (no data to read). But it wouldn't harm to leave the existing assert(). Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> > --- > hw/usb/ccid-card-passthru.c | 5 ++--- > 1 file changed, 2 insertions(+), 3 deletions(-) > > diff --git a/hw/usb/ccid-card-passthru.c b/hw/usb/ccid-card-passthru.c > index 0a6c657228..8bb1314f49 100644 > --- a/hw/usb/ccid-card-passthru.c > +++ b/hw/usb/ccid-card-passthru.c > @@ -116,8 +116,8 @@ static int ccid_card_vscard_can_read(void *opaque) > { > PassthruState *card = opaque; > > - return VSCARD_IN_SIZE >= card->vscard_in_pos ? > - VSCARD_IN_SIZE - card->vscard_in_pos : 0; > + assert(card->vscard_in_pos <= VSCARD_IN_SIZE); > + return VSCARD_IN_SIZE - card->vscard_in_pos; > } > > static void ccid_card_vscard_handle_init( > @@ -282,7 +282,6 @@ static void ccid_card_vscard_read(void *opaque, const uint8_t *buf, int size) > ccid_card_vscard_drop_connection(card); > return; > } > - assert(card->vscard_in_pos < VSCARD_IN_SIZE); > assert(card->vscard_in_hdr < VSCARD_IN_SIZE); > memcpy(card->vscard_in_data + card->vscard_in_pos, buf, size); > card->vscard_in_pos += size; > -- > 2.20.1 >
diff --git a/hw/usb/ccid-card-passthru.c b/hw/usb/ccid-card-passthru.c index 0a6c657228..8bb1314f49 100644 --- a/hw/usb/ccid-card-passthru.c +++ b/hw/usb/ccid-card-passthru.c @@ -116,8 +116,8 @@ static int ccid_card_vscard_can_read(void *opaque) { PassthruState *card = opaque; - return VSCARD_IN_SIZE >= card->vscard_in_pos ? - VSCARD_IN_SIZE - card->vscard_in_pos : 0; + assert(card->vscard_in_pos <= VSCARD_IN_SIZE); + return VSCARD_IN_SIZE - card->vscard_in_pos; } static void ccid_card_vscard_handle_init( @@ -282,7 +282,6 @@ static void ccid_card_vscard_read(void *opaque, const uint8_t *buf, int size) ccid_card_vscard_drop_connection(card); return; } - assert(card->vscard_in_pos < VSCARD_IN_SIZE); assert(card->vscard_in_hdr < VSCARD_IN_SIZE); memcpy(card->vscard_in_data + card->vscard_in_pos, buf, size); card->vscard_in_pos += size;
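Review bot: In ccid_card_vscard_can_read(), the new assertion uses `<=` where the one removed from ccid_card_vscard_read() used `<`, and neither the commit message nor a comment says why. A one-line comment stating that vscard_in_pos == VSCARD_IN_SIZE is the valid buffer-full state, for which this function returns 0, would settle it. The removed ternary also returned 0 when vscard_in_pos was above VSCARD_IN_SIZE, whereas the assert now aborts on it; the commit message should say that this state is not expected to be reachable, since that is what justifies replacing the clamp with an assertion.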
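Review bot: In ccid_card_vscard_read(), with the vscard_in_pos assertion dropped, the visible lines leave the memcpy() into vscard_in_data + vscard_in_pos relying on the caller having honoured can_read(). The condition guarding the drop_connection branch just above is outside the hunk context, so it cannot be confirmed from here that it bounds size. If it does not, an `assert(size <= VSCARD_IN_SIZE - card->vscard_in_pos);` directly before the memcpy() would check what the copy actually needs, which the removed `<` assertion never did; if it does, a short comment pointing at that check would be enough.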
chardev::read() depends of what chardev::can_read() returns, move the
assertion to can_read().

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
---
 hw/usb/ccid-card-passthru.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)