Pierre Morel writes:
> In vfio_listener_region_add(), we try to validate that the region is not
> zero sized and hasn't overflowed the addresses space.
>
> But the calculation uses the size of the region instead of
> using the region's limit (size - 1).
>
> This leads to Int128 overflow when the
On 01/27/2016 06:43 PM, Alex Williamson wrote:
On Wed, 2016-01-27 at 10:28 +0100, Pierre Morel wrote:
On 01/26/2016 06:00 PM, Alex Williamson wrote:
On Tue, 2016-01-26 at 15:51 +0100, Pierre Morel wrote:
On 01/22/2016 11:19 PM, Alex Williamson wrote:
On Fri, 2016-01-22 at 15:14 -0700, Ale
On Wed, 2016-01-27 at 10:28 +0100, Pierre Morel wrote:
>
> On 01/26/2016 06:00 PM, Alex Williamson wrote:
> > On Tue, 2016-01-26 at 15:51 +0100, Pierre Morel wrote:
> > > On 01/22/2016 11:19 PM, Alex Williamson wrote:
> > > > On Fri, 2016-01-22 at 15:14 -0700, Alex Williamson wrote:
> > > > > On T
On 01/26/2016 06:00 PM, Alex Williamson wrote:
On Tue, 2016-01-26 at 15:51 +0100, Pierre Morel wrote:
On 01/22/2016 11:19 PM, Alex Williamson wrote:
On Fri, 2016-01-22 at 15:14 -0700, Alex Williamson wrote:
On Thu, 2016-01-21 at 14:15 +0100, Pierre Morel wrote:
On 01/20/2016 04:46 PM, Alex
On Tue, 2016-01-26 at 15:51 +0100, Pierre Morel wrote:
>
> On 01/22/2016 11:19 PM, Alex Williamson wrote:
> > On Fri, 2016-01-22 at 15:14 -0700, Alex Williamson wrote:
> > > On Thu, 2016-01-21 at 14:15 +0100, Pierre Morel wrote:
> > > > On 01/20/2016 04:46 PM, Alex Williamson wrote:
> > > > > On W
On 01/22/2016 11:19 PM, Alex Williamson wrote:
On Fri, 2016-01-22 at 15:14 -0700, Alex Williamson wrote:
On Thu, 2016-01-21 at 14:15 +0100, Pierre Morel wrote:
On 01/20/2016 04:46 PM, Alex Williamson wrote:
On Wed, 2016-01-20 at 16:14 +0100, Pierre Morel wrote:
On 01/12/2016 07:16 PM, Alex
On Fri, 2016-01-22 at 15:14 -0700, Alex Williamson wrote:
> On Thu, 2016-01-21 at 14:15 +0100, Pierre Morel wrote:
> >
> > On 01/20/2016 04:46 PM, Alex Williamson wrote:
> > > On Wed, 2016-01-20 at 16:14 +0100, Pierre Morel wrote:
> > > > On 01/12/2016 07:16 PM, Alex Williamson wrote:
> > > > > On
On Thu, 2016-01-21 at 14:15 +0100, Pierre Morel wrote:
>
> On 01/20/2016 04:46 PM, Alex Williamson wrote:
> > On Wed, 2016-01-20 at 16:14 +0100, Pierre Morel wrote:
> > > On 01/12/2016 07:16 PM, Alex Williamson wrote:
> > > > On Tue, 2016-01-12 at 16:11 +0100, Pierre Morel wrote:
> > > > > In vfio
On 01/20/2016 04:46 PM, Alex Williamson wrote:
On Wed, 2016-01-20 at 16:14 +0100, Pierre Morel wrote:
On 01/12/2016 07:16 PM, Alex Williamson wrote:
On Tue, 2016-01-12 at 16:11 +0100, Pierre Morel wrote:
In vfio_listener_region_add(), we try to validate that the region
is
not
zero sized and
On Wed, 2016-01-20 at 16:14 +0100, Pierre Morel wrote:
>
> On 01/12/2016 07:16 PM, Alex Williamson wrote:
> > On Tue, 2016-01-12 at 16:11 +0100, Pierre Morel wrote:
> > > In vfio_listener_region_add(), we try to validate that the region
> > > is
> > > not
> > > zero sized and hasn't overflowed the
On 01/12/2016 07:16 PM, Alex Williamson wrote:
On Tue, 2016-01-12 at 16:11 +0100, Pierre Morel wrote:
In vfio_listener_region_add(), we try to validate that the region is
not
zero sized and hasn't overflowed the addresses space.
But the calculation uses the size of the region instead of
using
On Tue, 2016-01-12 at 16:11 +0100, Pierre Morel wrote:
> In vfio_listener_region_add(), we try to validate that the region is
> not
> zero sized and hasn't overflowed the addresses space.
>
> But the calculation uses the size of the region instead of
> using the region's limit (size - 1).
>
> Thi
In vfio_listener_region_add(), we try to validate that the region is not
zero sized and hasn't overflowed the addresses space.
But the calculation uses the size of the region instead of
using the region's limit (size - 1).
This leads to Int128 overflow when the region has
been initialized to UINT
13 matches
Mail list logo
