aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarc-André Lureau <marcandre.lureau@redhat.com>2015-09-15 16:55:10 +0200
committerMarc-André Lureau <marcandre.lureau@redhat.com>2015-10-24 18:02:48 +0200
commit61ea2d8648d32b8e84da62f142dc08fa9ee5b7b9 (patch)
treeb8524c038de9c30f1d2a7737f1a228576eb8f55f
parent03977ad552874f6598a8f0ef3089e6846ba01a2b (diff)
ivshmem: limit maximum number of peers to G_MAXUINT16
Limit the maximum number of peers to MAXUINT16. This is more realistic and better matches the limit of the doorbell register. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
-rw-r--r--hw/misc/ivshmem.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/hw/misc/ivshmem.c b/hw/misc/ivshmem.c
index e7224b9528..3787398c19 100644
--- a/hw/misc/ivshmem.c
+++ b/hw/misc/ivshmem.c
@@ -34,6 +34,7 @@
#define PCI_VENDOR_ID_IVSHMEM PCI_VENDOR_ID_REDHAT_QUMRANET
#define PCI_DEVICE_ID_IVSHMEM 0x1110
+#define IVSHMEM_MAX_PEERS G_MAXUINT16
#define IVSHMEM_IOEVENTFD 0
#define IVSHMEM_MSI 1
@@ -421,8 +422,8 @@ static int increase_dynamic_storage(IVShmemState *s, int new_min_size)
int j, old_nb_alloc;
- /* check for integer overflow */
- if (new_min_size >= INT_MAX / sizeof(Peer) - 1 || new_min_size <= 0) {
+ /* limit number of max peers */
+ if (new_min_size <= 0 || new_min_size > IVSHMEM_MAX_PEERS) {
return -1;
}