diff options
| author | Philippe Mathieu-Daudé <philmd@redhat.com> | 2023-08-11 18:47:50 +0100 |
|---|---|---|
| committer | Klaus Jensen <k.jensen@samsung.com> | 2023-09-12 16:17:05 +0200 |
| commit | b02c2a85a6c8e5ecc1bfca1ef794b5897c9ebad3 (patch) | |
| tree | 5d888137ea529ae87029b3d0cd9f39cb9e7d26eb | |
| parent | 9ef497755afc252fb8e060c9ea6b0987abfd20b6 (diff) | |
hw/nvme: Use #define to avoid variable length array
In nvme_map_sgl() we create an array segment[] whose size is the
'const int SEG_CHUNK_SIZE'. Since this is C, rather than C++, a
"const int foo" is not a true constant, it's merely a variable with a
constant value, and so semantically segment[] is a variable-length
array. Switch SEG_CHUNK_SIZE to a #define so that we can make the
segment[] array truly fixed-size, in the sense that it doesn't
trigger the -Wvla warning.
The codebase has very few VLAs, and if we can get rid of them all we
can make the compiler error on new additions. This is a defensive
measure against security bugs where an on-stack dynamic allocation
isn't correctly size-checked (e.g. CVE-2021-3527).
[PMM: rebased (function has moved file), expand commit message
based on discussion from previous version of patch]
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
| -rw-r--r-- | hw/nvme/ctrl.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c index 539d273553..d99a6f5c9a 100644 --- a/hw/nvme/ctrl.c +++ b/hw/nvme/ctrl.c @@ -1045,7 +1045,7 @@ static uint16_t nvme_map_sgl(NvmeCtrl *n, NvmeSg *sg, NvmeSglDescriptor sgl, * descriptors and segment chain) than the command transfer size, so it is * not bounded by MDTS. */ - const int SEG_CHUNK_SIZE = 256; +#define SEG_CHUNK_SIZE 256 NvmeSglDescriptor segment[SEG_CHUNK_SIZE], *sgld, *last_sgld; uint64_t nsgld; |