[openib-general] [PATCH updated] libmthca: create_cq/resize_cq input validation

Michael S. Tsirkin mst at mellanox.co.il
Tue Jul 4 05:59:57 PDT 2006


Here's an updated version of Dotan's patch (that was line wrapped).

---

Passing huge size values to create_cq/resize_cq causes hang in align_cq_size.
Fix this by validating input, similiar to what we do for create_qp.

Signed-off-by: Dotan Barak <dotanb at mellanox.co.il>
Signed-off-by: Michael S. Tsirkin <mst at mellanox.co.il>

Index: last_stable/src/userspace/libmthca/src/verbs.c
===================================================================
--- last_stable.orig/src/userspace/libmthca/src/verbs.c	2006-07-04 15:22:20.000000000 +0300
+++ last_stable/src/userspace/libmthca/src/verbs.c	2006-07-04 15:23:49.000000000 +0300
@@ -174,6 +174,9 @@ struct ibv_cq *mthca_create_cq(struct ib
 	struct mthca_cq      	   *cq;
 	int                  	    ret;
 
+	if (cqe > 131072)
+		return NULL;
+
 	cq = malloc(sizeof *cq);
 	if (!cq)
 		return NULL;
@@ -264,6 +268,9 @@ int mthca_resize_cq(struct ibv_cq *ibcq,
 	int old_cqe;
 	int ret;
 
+	if (cqe > 131072)
+		return EINVAL;
+
 	pthread_spin_lock(&cq->lock);
 
 	cqe = align_cq_size(cqe);

-- 
MST




More information about the general mailing list