Message ID | 20210704205255.27124-3-marcel.apfelbaum@gmail.com |
---|---|
State | New |
Headers | show |
Series | [PULL,V2,1/3] hw/rdma: Fix possible mremap overflow in the pvrdma device (CVE-2021-3582) | expand |
diff --git a/hw/rdma/vmw/pvrdma_main.c b/hw/rdma/vmw/pvrdma_main.c index 84ae8024fc..7c0c3551a8 100644 --- a/hw/rdma/vmw/pvrdma_main.c +++ b/hw/rdma/vmw/pvrdma_main.c @@ -92,6 +92,11 @@ static int init_dev_ring(PvrdmaRing *ring, PvrdmaRingState **ring_state, uint64_t *dir, *tbl; int rc = 0; + if (!num_pages) { + rdma_error_report("Ring pages count must be strictly positive"); + return -EINVAL; + } + dir = rdma_pci_dma_map(pci_dev, dir_addr, TARGET_PAGE_SIZE); if (!dir) { rdma_error_report("Failed to map to page directory (ring %s)", name);