vfio/pci: Fix unsigned comparison overflow
authorAlex Williamson <alex.williamson@redhat.com>
Mon, 22 Feb 2016 23:02:29 +0000 (16:02 -0700)
committerAlex Williamson <alex.williamson@redhat.com>
Mon, 22 Feb 2016 23:03:54 +0000 (16:03 -0700)
commitb95d9305e8cb8d432ca02da1b759fef59bc50ace
treea03a6873c98e0abaa3caabb333ce7989f742eb7e
parent81f70ba233d5f660e1ea5fe23260ee323af5d53a
vfio/pci: Fix unsigned comparison overflow

Signed versus unsigned comparisons are implicitly cast to unsigned,
which result in a couple possible overflows.  For instance (start +
count) might overflow and wrap, getting through our validation test.
Also when unwinding setup, -1 being compared as unsigned doesn't
produce the intended stop condition.  Fix both of these and also fix
vfio_msi_set_vector_signal() to validate parameters before using the
vector index, though none of the callers should pass bad indexes
anymore.

Reported-by: Eric Auger <eric.auger@linaro.org>
Reviewed-by: Eric Auger <eric.auger@linaro.org>
Tested-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
drivers/vfio/pci/vfio_pci_intrs.c