[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-commits] [qemu/qemu] c3ade3: hw/m68k/mcf5208: Avoid shifting off e
From: |
Peter Maydell |
Subject: |
[Qemu-commits] [qemu/qemu] c3ade3: hw/m68k/mcf5208: Avoid shifting off end of integer |
Date: |
Mon, 09 Sep 2024 02:48:08 -0700 |
Branch: refs/heads/staging
Home: https://github.com/qemu/qemu
Commit: c3ade30ac1dd8f4b54928309570ab3513905e65a
https://github.com/qemu/qemu/commit/c3ade30ac1dd8f4b54928309570ab3513905e65a
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-08 (Sun, 08 Sep 2024)
Changed paths:
M hw/m68k/mcf5208.c
Log Message:
-----------
hw/m68k/mcf5208: Avoid shifting off end of integer
In m5208_sys_read(), we have a loop of n from 0 to 31, and we
calculate (2u << n). For the n == 31 iteration this will shift off
the top of the unsigned 32 bit integer.
This is harmless, because we're going to stop the loop with n == 31
anyway, but we can avoid the error by using 64-bit arithmetic here.
(The SDCS0 register is documented at
https://www.nxp.com/docs/en/reference-manual/MCF5208RM.pdf
section 18.4.5; we want the lower 5 bits to indicate the
RAM size, where 31 == 4GB, 30 == 2GB, and so on down.
As it happens, the layout of the mcf5208evb board memory map
means it doesn't make sense to have more than 1GB of RAM
in any case.)
Resolves: Coverity CID 1547727
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <huth@tuxfamily.org>
Message-ID: <20240830173452.2086140-2-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Commit: 175f5a5b48033579d4de5c904a9f43c0d327152e
https://github.com/qemu/qemu/commit/175f5a5b48033579d4de5c904a9f43c0d327152e
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-08 (Sun, 08 Sep 2024)
Changed paths:
M hw/m68k/mcf5208.c
Log Message:
-----------
hw/m68k/mcf5208: Add URLs for datasheets
The datasheets for the SoC and board we model here are still
available from the NXP website; add their URLs and titles for
future reference.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <huth@tuxfamily.org>
Message-ID: <20240830173452.2086140-3-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Commit: df827aace663fdd9c432e2ff76fb13d20cbc0ca4
https://github.com/qemu/qemu/commit/df827aace663fdd9c432e2ff76fb13d20cbc0ca4
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-08 (Sun, 08 Sep 2024)
Changed paths:
M hw/nubus/nubus-device.c
Log Message:
-----------
hw/nubus/nubus-device: Range check 'slot' property
The TYPE_NUBUS_DEVICE class lets the user specify the nubus slot
using an int32 "slot" QOM property. Its realize method doesn't do
any range checking on this value, which Coverity notices by way of
the possibility that 'nd->slot * NUBUS_SUPER_SLOT_SIZE' might
overflow the 32-bit arithmetic it is using.
Constrain the slot value to be less than NUBUS_SLOT_NB (16).
Resolves: Coverity CID 1464070
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20240830173452.2086140-4-peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <huth@tuxfamily.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Commit: f2aee60305a1e40374b2fc1093e4d04404e780ee
https://github.com/qemu/qemu/commit/f2aee60305a1e40374b2fc1093e4d04404e780ee
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-09 (Mon, 09 Sep 2024)
Changed paths:
M hw/m68k/mcf5208.c
M hw/nubus/nubus-device.c
Log Message:
-----------
Merge tag 'pull-request-2024-09-08' of https://gitlab.com/huth/qemu into
staging
* Fix Coverity issues in mcf5208evb and nubus machines
* Add URLs for mcf5208evb datasheets
# -----BEGIN PGP SIGNATURE-----
#
# iQJHBAABCAAxFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmbdl4gTHGh1dGhAdHV4
# ZmFtaWx5Lm9yZwAKCRAu2dd0/nAttaRsD/9qqE75Glk1/BYtbI5N4E1Q30vC9lTl
# /R+gOJod44E6/xeOgvvpliCTzsnrHM3sfk2n/EBoEUfQ3Ci3UqZe+wmBgsj+Wv4H
# IIM5Aviq05dwj0B2mgqFFpXLV/ilVTpl3vpkBL82hLmZH+5xre4P/qgn4JwwAAAi
# 7quHBcYCwTALB0bizaGj7djwABF7cThkI5z0qE46spju4N6YflfYOE3oRmcqW9Di
# gM5G5CcbJkUmAxeRpBaS+fD/pXjFgYSqZsfjHwaRBQLG+LLdy+EmNiS1UUBvZeE2
# J5w82qaFly+UMXcYEuOxApVP3Mf1M2sG4o2qoQaqGtvqjBvaXVwbUFcVEgYePZEf
# oRweSPjZTarsSCPx/11UOKPz9j3wh5wFME+j8I2TdOl5IZkYp1pL9hpls/Jyz+Ii
# /0JfWna8MlDEpoo/e0sNA+IEcg340BiNqBFMgWkl1TvzKyOJcSorlbbpq1rE0kr0
# Y2+g/rr9hEVh1E+Yla6Me7GOcNUvT77yhrpTdagX6NG7qZfJ4tB0/hADeZ6ic+sC
# Xf48RtD3uzAknBy9awL/hIJWx2sKrS36E01EZj8KvokQzhKawfU16P0++l1DMq9J
# 9npALGPIhpYm6JNTr4FZYd+88+ZEQEKkAjJ+a6t7/+gY5PINfRICpGMZtGB6LRvu
# NjVGIGuKHBYTPw==
# =3Pn7
# -----END PGP SIGNATURE-----
# gpg: Signature made Sun 08 Sep 2024 13:24:40 BST
# gpg: using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg: issuer "huth@tuxfamily.org"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg: aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg: aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg: aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3 EAB9 2ED9 D774 FE70 2DB5
* tag 'pull-request-2024-09-08' of https://gitlab.com/huth/qemu:
hw/nubus/nubus-device: Range check 'slot' property
hw/m68k/mcf5208: Add URLs for datasheets
hw/m68k/mcf5208: Avoid shifting off end of integer
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Compare: https://github.com/qemu/qemu/compare/1581a0bc928d...f2aee60305a1
To unsubscribe from these emails, change your notification settings at
https://github.com/qemu/qemu/settings/notifications
- [Qemu-commits] [qemu/qemu] c3ade3: hw/m68k/mcf5208: Avoid shifting off end of integer,
Peter Maydell <=