Re: [Qemu-devel] [PATCH] hw/pci-host/bonito: Avoid buffer overrun for ba
From: Aurelien Jarno
Subject: Re: [Qemu-devel] [PATCH] hw/pci-host/bonito: Avoid buffer overrun for bad LDMA/COP accesses
Date: Fri, 31 Jul 2015 00:02:01 +0200
User-agent: Mutt/1.5.23 (2014-03-12)
On 2015-07-30 16:33, Peter Maydell wrote:
> The LDMA and COP memory regions represent four 32 bit registers
> each, but the memory regions themselves are 0x100 bytes large.
> Add guards to the read and write accessors so that bogus accesses
> beyond the four defined registers don't just run off the end of
> the bonldma and boncop structs and into whatever lies beyond.
Thanks for finding that. I don't know if it is better to reduce the
memory region or just ignore the access as in your patch. I haven't
found any documentation about the bonito northbridge, so I think it's
safer to go like in your patch.
> Signed-off-by: Peter Maydell <address@hidden>
> ---
> I don't have a fulong2e image, so this is compile tested only...
I have just tested, it still boots fine with the change.
> hw/pci-host/bonito.c | 16 ++++++++++++++++
> 1 file changed, 16 insertions(+)
Acked-by: Aurelien Jarno <address@hidden>
--
Aurelien Jarno GPG: 4096R/1DDD8C9B
address@hidden http://www.aurel32.net
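
The guard discussed in this thread, as an added example that is not part of the original mail and is not QEMU's code: a toy device whose MMIO window is 0x100 bytes but which backs only four 32-bit registers, with accessors that bounds-check the offset. The names ToyRegs, ToyDevice, toy_read and toy_write are hypothetical, and returning 0 for an out-of-range read is an assumption of this sketch.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define REGION_SIZE 0x100u   /* size of the MMIO window, as stated in the mail */
#define NUM_REGS    4u       /* four 32-bit registers are actually defined */

/* Hypothetical register block; the layout is illustrative only. */
typedef struct { uint32_t reg[NUM_REGS]; } ToyRegs;

typedef struct {
    ToyRegs  regs;
    uint32_t neighbour;      /* stands in for "whatever lies beyond" the struct */
} ToyDevice;

/* Guarded read: offsets past the register block read as zero (assumption). */
static uint32_t toy_read(const ToyDevice *d, uint64_t addr)
{
    if (addr >= sizeof(d->regs)) {
        return 0;
    }
    return d->regs.reg[addr / sizeof(uint32_t)];
}

/* Guarded write: offsets past the register block are ignored. */
static void toy_write(ToyDevice *d, uint64_t addr, uint32_t val)
{
    if (addr >= sizeof(d->regs)) {
        return;
    }
    d->regs.reg[addr / sizeof(uint32_t)] = val;
}

/* Writes to every word of the window; returns 1 if only the four
 * defined registers changed and the adjacent field is untouched. */
static int toy_sweep_leaves_neighbour_intact(void)
{
    ToyDevice d = { .regs = { {0} }, .neighbour = 0xC0FFEEu };
    for (uint64_t a = 0; a < REGION_SIZE; a += sizeof(uint32_t)) {
        toy_write(&d, a, 0xFFFFFFFFu);
    }
    return d.neighbour == 0xC0FFEEu
        && toy_read(&d, 0x0c) == 0xFFFFFFFFu   /* last defined register */
        && toy_read(&d, 0x10) == 0;            /* first offset past the block */
}

int main(void)
{
    printf("neighbour intact: %d\n", toy_sweep_leaves_neighbour_intact());
    return 0;
}
```

Without the two `addr >= sizeof(d->regs)` checks, the sweep would index up to 60 words past `regs`, which is the overrun the patch description refers to.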