[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v1] xlnx-zdma: Correct mem leaks and memset to z
From: |
Edgar E. Iglesias |
Subject: |
Re: [Qemu-devel] [PATCH v1] xlnx-zdma: Correct mem leaks and memset to zero on desc unaligned errors |
Date: |
Mon, 28 May 2018 20:58:06 +0200 |
User-agent: |
NeoMutt/20170609 (1.8.3) |
On Mon, May 28, 2018 at 08:48:59PM +0200, Francisco Iglesias wrote:
> Coverity found that the string return by 'object_get_canonical_path' was not
> being freed at two locations in the model (CID 1391294 and CID 1391293) and
> also that a memset was being called with a value greater than the max of a
> byte
> on the second argument (CID 1391286). This patch corrects this by adding the
> freeing of the strings and also changing to memset to zero instead on
> descriptor unaligned errors.
Perhaps this should have been two patches but in any case:
Reviewed-by: Edgar E. Iglesias <address@hidden>
>
> Signed-off-by: Francisco Iglesias <address@hidden>
> ---
> hw/dma/xlnx-zdma.c | 10 +++++++---
> 1 file changed, 7 insertions(+), 3 deletions(-)
>
> diff --git a/hw/dma/xlnx-zdma.c b/hw/dma/xlnx-zdma.c
> index 14d86c254b..8eea757aff 100644
> --- a/hw/dma/xlnx-zdma.c
> +++ b/hw/dma/xlnx-zdma.c
> @@ -302,7 +302,7 @@ static bool zdma_load_descriptor(XlnxZDMA *s, uint64_t
> addr, void *buf)
> qemu_log_mask(LOG_GUEST_ERROR,
> "zdma: unaligned descriptor at %" PRIx64,
> addr);
> - memset(buf, 0xdeadbeef, sizeof(XlnxZDMADescr));
> + memset(buf, 0x0, sizeof(XlnxZDMADescr));
> s->error = true;
> return false;
> }
> @@ -707,9 +707,11 @@ static uint64_t zdma_read(void *opaque, hwaddr addr,
> unsigned size)
> RegisterInfo *r = &s->regs_info[addr / 4];
>
> if (!r->data) {
> + gchar *path = object_get_canonical_path(OBJECT(s));
> qemu_log("%s: Decode error: read from %" HWADDR_PRIx "\n",
> - object_get_canonical_path(OBJECT(s)),
> + path,
> addr);
> + g_free(path);
> ARRAY_FIELD_DP32(s->regs, ZDMA_CH_ISR, INV_APB, true);
> zdma_ch_imr_update_irq(s);
> return 0;
> @@ -724,9 +726,11 @@ static void zdma_write(void *opaque, hwaddr addr,
> uint64_t value,
> RegisterInfo *r = &s->regs_info[addr / 4];
>
> if (!r->data) {
> + gchar *path = object_get_canonical_path(OBJECT(s));
> qemu_log("%s: Decode error: write to %" HWADDR_PRIx "=%" PRIx64 "\n",
> - object_get_canonical_path(OBJECT(s)),
> + path,
> addr, value);
> + g_free(path);
> ARRAY_FIELD_DP32(s->regs, ZDMA_CH_ISR, INV_APB, true);
> zdma_ch_imr_update_irq(s);
> return;
> --
> 2.11.0
>