On Tue, 14 Aug 2018, Dominique Martinet wrote: > From: Dominique Martinet <[email protected]> > > If the xen bus exists but does not expose the proper interface, it is > possible to get a non-zero length but still some error, leading to > strcmp failing trying to load invalid memory addresses e.g. > fffffffffffffffe. > > There is then no need to check length when there is no error, as the > xenbus driver guarantees that the string is nul-terminated. > > Signed-off-by: Dominique Martinet <[email protected]> > Cc: Stefano Stabellini <[email protected]> > Cc: Eric Van Hensbergen <[email protected]> > Cc: Latchesar Ionkov <[email protected]>
Reviewed-by: Stefano Stabellini <[email protected]> > --- > > This is a trivial bug I stumbled on when setting up xen with p9fs and > running the VM in pvm: it had enough in the bus to trigger the probe > but then there was no version and it tried to return ENOENT but len > was set to the lower-level message size. > > net/9p/trans_xen.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > diff --git a/net/9p/trans_xen.c b/net/9p/trans_xen.c > index 1a5b38892eb4..f76beadddfc3 100644 > --- a/net/9p/trans_xen.c > +++ b/net/9p/trans_xen.c > @@ -391,9 +391,9 @@ static int xen_9pfs_front_probe(struct xenbus_device *dev, > unsigned int max_rings, max_ring_order, len = 0; > > versions = xenbus_read(XBT_NIL, dev->otherend, "versions", &len); > - if (!len) > - return -EINVAL; > + if (IS_ERR(versions)) > + return PTR_ERR(versions); > if (strcmp(versions, "1")) { > kfree(versions); > return -EINVAL; > } > -- > 2.17.1 >
