virtio-scsi: Fix num_queue input validation

We need to count the ctrlq and eventq, and also cleanup before returning. Besides, the format string should be unsigned. The number could never be less than zero. Signed-off-by: Fam Zheng <famz@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
author: Fam Zheng <famz@redhat.com> 2014-10-31 11:04:31 +0800
committer: Paolo Bonzini <pbonzini@redhat.com> 2014-10-31 11:29:02 +0100
commit: 0ba1f53191221b541b938df86a39eeccfb87f996 (patch)
tree: e930a80d0cbbf94d2d40eb8e20488b855607d1cc
parent: fb7b5c0df6e3c501973ce4d57eb2b1d4344a519d (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/hw/scsi/virtio-scsi.c b/hw/scsi/virtio-scsi.c
index 235c2053da..fdcacfd79a 100644
--- a/hw/scsi/virtio-scsi.c
+++ b/hw/scsi/virtio-scsi.c
@@ -804,10 +804,11 @@ void virtio_scsi_common_realize(DeviceState *dev, Error **errp,
     virtio_init(vdev, "virtio-scsi", VIRTIO_ID_SCSI,
                 sizeof(VirtIOSCSIConfig));
 
-    if (s->conf.num_queues <= 0 || s->conf.num_queues > VIRTIO_PCI_QUEUE_MAX) {
-        error_setg(errp, "Invalid number of queues (= %" PRId32 "), "
+    if (s->conf.num_queues == 0 ||
+            s->conf.num_queues > VIRTIO_PCI_QUEUE_MAX - 2) {
+        error_setg(errp, "Invalid number of queues (= %" PRIu32 "), "
                          "must be a positive integer less than %d.",
-                   s->conf.num_queues, VIRTIO_PCI_QUEUE_MAX);
+                   s->conf.num_queues, VIRTIO_PCI_QUEUE_MAX - 2);
         virtio_cleanup(vdev);
         return;
     }
author	Fam Zheng <famz@redhat.com>	2014-10-31 11:04:31 +0800
committer	Paolo Bonzini <pbonzini@redhat.com>	2014-10-31 11:29:02 +0100
commit	0ba1f53191221b541b938df86a39eeccfb87f996 (patch)
tree	e930a80d0cbbf94d2d40eb8e20488b855607d1cc
parent	fb7b5c0df6e3c501973ce4d57eb2b1d4344a519d (diff)