Re: [Qemu-devel] [PATCH for-4.0 v3 1/4] unify len and addr type for memo
From: Richard Henderson
Subject: Re: [Qemu-devel] [PATCH for-4.0 v3 1/4] unify len and addr type for memory/address APIs
Date: Mon, 3 Dec 2018 10:42:42 -0600
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.3.1
On 12/3/18 8:48 AM, Li Zhijian wrote:
> Some address/memory APIs have different types between
> 'hwaddr/target_ulong addr' and 'int len'. It is very unsafe, especially
> some APIs will be passed a non-int len by caller which might cause
> overflow quietly.
> Below is a potential overflow case:
> dma_memory_read(uint32_t len)
> -> dma_memory_rw(uint32_t len)
> -> dma_memory_rw_relaxed(uint32_t len)
> -> address_space_rw(int len) # len overflow
>
> CC: Paolo Bonzini <address@hidden>
> CC: Peter Crosthwaite <address@hidden>
> CC: Richard Henderson <address@hidden>
> CC: Peter Maydell <address@hidden>
> Signed-off-by: Li Zhijian <address@hidden>
>
> ---
> V3: use the same type between len and addr(Peter Maydell)
> rebase code basing on https://patchew.org/QEMU/address@hidden/
> ---
> exec.c | 47 +++++++++++++++++++++++------------------------
> include/exec/cpu-all.h | 2 +-
> include/exec/cpu-common.h | 8 ++++----
> include/exec/memory.h | 22 +++++++++++-----------
> 4 files changed, 39 insertions(+), 40 deletions(-)
Reviewed-by: Richard Henderson <address@hidden>
r~
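
The truncation described in the quoted commit message, as an added example that is not code from the patch or from QEMU. The function names, the `hwaddr_t` stand-in and the 4096-byte chunk size are assumptions made for illustration.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
typedef uint64_t hwaddr_t; /* assumed stand-in for the address type */

/* Last hop with 'int len' (hypothetical name). Returns bytes processed. */
static uint64_t rw_int_len(hwaddr_t addr, int len)
{
    uint64_t done = 0;
    (void)addr;
    while (len > 0) {                 /* a negative len never enters the loop */
        int chunk = len > 4096 ? 4096 : len;
        done += (uint64_t)chunk;
        len -= chunk;
    }
    return done;
}

/* Same loop with len carried in the address type. */
static uint64_t rw_wide_len(hwaddr_t addr, hwaddr_t len)
{
    uint64_t done = 0;
    (void)addr;
    while (len > 0) {
        hwaddr_t chunk = len > 4096 ? 4096 : len;
        done += chunk;
        len -= chunk;
    }
    return done;
}

/* Callers take uint32_t, as in the quoted chain. */
static uint64_t dma_read_narrow(hwaddr_t addr, uint32_t len)
{
    /* uint32_t -> int above INT_MAX is implementation-defined; GCC and Clang wrap to negative. */
    return rw_int_len(addr, len);
}

static uint64_t dma_read_unified(hwaddr_t addr, uint32_t len)
{
    return rw_wide_len(addr, len);    /* widening conversion, value preserved */
}

int main(void)
{
    uint32_t len = 0x80000000u;       /* constructed: 2 GiB, one past INT_MAX */
    printf("int len:     %" PRIu64 " bytes\n", dma_read_narrow(0, len));
    printf("unified len: %" PRIu64 " bytes\n", dma_read_unified(0, len));
}
```

With the `int` callee the 2 GiB request is dropped without any error, which is the quiet failure the commit message refers to; building with `-Wconversion` flags the narrowing call.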