[openib-general] [PATCH updated] libmthca: create_cq/resize_cq input validation
Michael S. Tsirkin
mst at mellanox.co.il
Tue Jul 4 05:59:57 PDT 2006
Here's an updated version of Dotan's patch (that was line wrapped).
---
Passing huge size values to create_cq/resize_cq causes hang in align_cq_size.
Fix this by validating input, similiar to what we do for create_qp.
Signed-off-by: Dotan Barak <dotanb at mellanox.co.il>
Signed-off-by: Michael S. Tsirkin <mst at mellanox.co.il>
Index: last_stable/src/userspace/libmthca/src/verbs.c
===================================================================
--- last_stable.orig/src/userspace/libmthca/src/verbs.c 2006-07-04 15:22:20.000000000 +0300
+++ last_stable/src/userspace/libmthca/src/verbs.c 2006-07-04 15:23:49.000000000 +0300
@@ -174,6 +174,9 @@ struct ibv_cq *mthca_create_cq(struct ib
struct mthca_cq *cq;
int ret;
+ if (cqe > 131072)
+ return NULL;
+
cq = malloc(sizeof *cq);
if (!cq)
return NULL;
@@ -264,6 +268,9 @@ int mthca_resize_cq(struct ibv_cq *ibcq,
int old_cqe;
int ret;
+ if (cqe > 131072)
+ return EINVAL;
+
pthread_spin_lock(&cq->lock);
cqe = align_cq_size(cqe);
--
MST
More information about the general
mailing list