[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v2 1/3] x86/vmx: introduce vmx_find_msr()
On Wed, 2017-02-22 at 08:40 +0000, Tian, Kevin wrote: > > From: Sergey Dyasli [mailto:sergey.dyasli@xxxxxxxxxx] > > Sent: Wednesday, February 22, 2017 4:38 PM > > > > > > > > > > - for ( idx = 0; idx < *msr_count; idx++ ) > > > > + for ( idx = 0; (*msr_area)[idx].index <= msr && idx < *msr_count; > > > > idx++ ) > > > > > > risk of out-of-boundary access. > > > > How exactly out-of-bounds access is possible? The original condition > > > > idx < *msr_count > > > > Is still being checked on each loop iteration. > > > > Isn't "(*msr_area[idx]).index <= msr" checked before "idx < *msr_count"? > > So if idx==*msr_count, you first hit an out-of-boundary access... > > I think we should change the condition order here. > You are right. I will fix this in v3. -- Thanks, Sergey _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel
|
![]() |
Lists.xenproject.org is hosted with RackSpace, monitoring our |