Page MenuHomeFreeBSD

bhyve: Avoid unlikely truncation of the blockif ident strings.
ClosedPublic

Authored by jhb on Nov 23 2022, 11:16 PM.
Tags
None
Referenced Files
F55414363: D37488.diff
Fri, Jan 27, 2:41 AM
Unknown Object (File)
Sun, Jan 1, 5:30 PM
Unknown Object (File)
Dec 16 2022, 1:17 PM
Unknown Object (File)
Nov 30 2022, 5:26 AM
Unknown Object (File)
Nov 29 2022, 1:11 AM

Details

Summary

The ident string for NVMe and VirtIO block deivces do not contain the
bus, and the various fields can potentially use up to three characters
when printed as unsigned values (full range of uint8_t) even if not
likely in practice.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 48479
Build 45365: arc lint + arc unit

Event Timeline

jhb requested review of this revision.Nov 23 2022, 11:16 PM
This revision is now accepted and ready to land.Nov 24 2022, 6:35 AM

GCC still warns about a potential overflow after this, but I think GCC's overflow checking has an off by one error.

usr.sbin/bhyve/pci_nvme.c
3229

Have you tried using %u? Maybe gcc warns due to the possible minus sign of signed integers?

LGTM but I'm also curious if @corvink suggestion of %u helps

Yes, %u helps, and there's actually similar bugs in ahci and virtio_blk so I'll update the review to fix all of those.

jhb retitled this revision from bhyve: Avoid unlikely truncation of the blockif ident for NVMe. to bhyve: Avoid unlikely truncation of the blockif ident strings..Nov 27 2022, 12:19 AM
jhb edited the summary of this revision. (Show Details)

Use %u, add ahci and virtio-blk

This revision now requires review to proceed.Nov 27 2022, 12:20 AM
This revision is now accepted and ready to land.Nov 27 2022, 8:01 AM