The callback for building CDAT tables may return negative error codes.
This was previously unhandled and will result in potentially huge
allocations later on in ct3_build_cdat()
Detect the negative error code and defer cdat building.
Signed-off-by: Ira Weiny <[email protected]>
---
This likely needs to have some more robust error handling in the event
of errors. But this at least prevents more errors down the line with
invalid allocations.
---
hw/cxl/cxl-cdat.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/cxl/cxl-cdat.c b/hw/cxl/cxl-cdat.c
index 639a2db3e17b..24829cf2428d 100644
--- a/hw/cxl/cxl-cdat.c
+++ b/hw/cxl/cxl-cdat.c
@@ -63,7 +63,7 @@ static void ct3_build_cdat(CDATObject *cdat, Error **errp)
cdat->built_buf_len = cdat->build_cdat_table(&cdat->built_buf,
cdat->private);
- if (!cdat->built_buf_len) {
+ if (cdat->built_buf_len <= 0) {
/* Build later as not all data available yet */
cdat->to_update = true;
return;
--
2.41.0
On 11/17/23 18:14, Ira Weiny wrote:
> The callback for building CDAT tables may return negative error codes.
> This was previously unhandled and will result in potentially huge
> allocations later on in ct3_build_cdat()
>
> Detect the negative error code and defer cdat building.
>
> Signed-off-by: Ira Weiny <[email protected]>
Reviewed-by: Dave Jiang <[email protected]>
>
> ---
> This likely needs to have some more robust error handling in the event
> of errors. But this at least prevents more errors down the line with
> invalid allocations.
> ---
> hw/cxl/cxl-cdat.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/cxl/cxl-cdat.c b/hw/cxl/cxl-cdat.c
> index 639a2db3e17b..24829cf2428d 100644
> --- a/hw/cxl/cxl-cdat.c
> +++ b/hw/cxl/cxl-cdat.c
> @@ -63,7 +63,7 @@ static void ct3_build_cdat(CDATObject *cdat, Error **errp)
> cdat->built_buf_len = cdat->build_cdat_table(&cdat->built_buf,
> cdat->private);
>
> - if (!cdat->built_buf_len) {
> + if (cdat->built_buf_len <= 0) {
> /* Build later as not all data available yet */
> cdat->to_update = true;
> return;
>