From patchwork Fri Jan 11 18:15:05 2013
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: [07/10] vl.c: numa_add_node(): Validate nodeid before using it
Date: Fri, 11 Jan 2013 08:15:05 -0000
From: Eduardo Habkost <ehabkost@redhat.com>
X-Patchwork-Id: 211409
Message-Id: <1357928108-21066-8-git-send-email-ehabkost@redhat.com>
To: qemu-devel@nongnu.org
Cc: libvir-list@redhat.com, Chegu Vinod <chegu_vinod@hp.com>,
 Anthony Liguori <anthony@codemonkey.ws>

Without this check, qemu-kvm will corrupt memory if a too-large nodeid
is provided in the command-line. e.g.:

  -numa node,mem=...,cpus=...,nodeid=65

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>

---
vl.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/vl.c b/vl.c
index 19010fa..31175f6 100644
--- a/vl.c
+++ b/vl.c
@@ -1112,6 +1112,11 @@ static void numa_node_add(const char *optarg)
         nodenr = strtoull(option, NULL, 10);
     }
 
+    if (nodenr >= MAX_NODES) {
+        fprintf(stderr, "qemu: invalid NUMA nodeid: %d\n", nodenr);
+        exit(1);
+    }
+
     if (get_param_value(option, 128, "mem", optarg) == 0) {
         node_mem[nodenr] = 0;
     } else {