[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PULL 5/7] hw: convert the escc device to keycodemapdb
|
From: |
Daniel P . Berrangé |
|
Subject: |
Re: [Qemu-devel] [PULL 5/7] hw: convert the escc device to keycodemapdb |
|
Date: |
Thu, 31 Mar 2022 11:10:04 +0100 |
|
User-agent: |
Mutt/2.1.5 (2021-12-30) |
On Thu, Mar 31, 2022 at 11:03:49AM +0100, Peter Maydell wrote:
> On Mon, 29 Jan 2018 at 10:24, Gerd Hoffmann <kraxel@redhat.com> wrote:
> >
> > From: "Daniel P. Berrange" <berrange@redhat.com>
> >
> > Replace the qcode_to_keycode table with automatically
> > generated tables.
> >
> > Missing entries in qcode_to_keycode now fixed:
> >
> > - Q_KEY_CODE_KP_COMMA -> 0x2d
> >
> > Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> > Message-id: 20180117164118.8510-3-berrange@redhat.com
> > Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
>
> > @@ -879,7 +759,11 @@ static void sunkbd_handle_event(DeviceState *dev,
> > QemuConsole *src,
> > }
> > }
> >
> > - keycode = qcode_to_keycode[qcode];
> > + if (qcode > qemu_input_map_qcode_to_sun_len) {
> > + return;
> > + }
> > +
> > + keycode = qemu_input_map_qcode_to_sun[qcode];
> > if (!key->down) {
> > keycode |= 0x80;
> > }
>
> Hi; I was looking at this code because Coverity is now clever enough
> to try to check whether the qemu_input_map_qcode_to_sun[] array
> is being overrun (though alas not clever enough to spot that
> qemu_input_map_qcode_to_sun_len is the length of that array,
> so there are false positive complaints about all the uses of these
> autogenerated arrays in all devices that use them).
>
> In this specific case, though, it does look like there's a bug:
> shouldn't the condition be "if (qcode >= qemu_input_map_qcode_to_sun_len)" ?
Yes, you are right.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|