author | John Levon <john.levon@nutanix.com> | 2024-03-21 16:21:39 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-03-21 16:21:39 +0000 |
commit | b646559cc90f1a1f475fc47048bbbd955e20f4a2 (patch) | |
tree | 0826af01291578e80b922e22d6651f070ee2783b /lib/common.h | |
parent | 6f6fdc58b78aa9698c116962a470a03f4292a477 (diff) | |
correct IRQ range check (#791)
Our previous fuzzing attempts missed this incorrect range check, but
SPDK's fuzzing did catch it. Make the check using a saturating add so
that we account for overflow.
Fixes issue #790.
Reported-by: Sebastian Brzezinka <sebastian.brzezinka@intel.com>
Signed-off-by: John Levon <john.levon@nutanix.com>
Diffstat (limited to 'lib/common.h')
-rw-r--r-- | lib/common.h | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/lib/common.h b/lib/common.h index 40b9b27..c4de49a 100644 --- a/lib/common.h +++ b/lib/common.h @@ -77,6 +77,14 @@ ERROR_PTR(int err) return NULL; } +/* Saturating uint32_t addition. */ +static inline uint32_t +satadd_u32(uint32_t a, uint32_t b) +{ + uint64_t res = a + b; + return (res < a) ? UINT32_MAX : res; +} + /* Saturating uint64_t addition. */ static inline uint64_t satadd_u64(uint64_t a, uint64_t b) |
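Review bot: in satadd_u32(), the declaration `uint64_t res = a + b;` suggests the sum is computed in 64 bits, but both operands are uint32_t, so with a 32-bit int the addition wraps modulo 2^32 before it is widened. The `res < a` test is correct only because of that wrap, and the return then narrows a uint64_t back to uint32_t implicitly. Please make the intent explicit: either declare `uint32_t res = a + b;` and keep the `res < a` test, or widen first with `(uint64_t)a + b` and test `res > UINT32_MAX`. The two approaches should not be mixed: the widened sum never wraps, so it must not be paired with the `res < a` test. A short comment saying which overflow-detection method is in use would also help the next reader.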