qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 01/34] linux-user: Fix array bounds in errno con

From: Peter Maydell
Subject: Re: [Qemu-devel] [PATCH 01/34] linux-user: Fix array bounds in errno conversion
Date: Fri, 11 Sep 2015 11:59:29 +0100 
On 6 September 2015 at 00:56, Timothy E Baldwin
<address@hidden> wrote:
> Check array bounds in host_to_target_errno() and target_to_host_errno().
>
> Signed-off-by: Timothy Edward Baldwin <address@hidden>
> ---
>  linux-user/syscall.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index 264debc..4e40dc6 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -566,14 +566,14 @@ static uint16_t 
> host_to_target_errno_table[ERRNO_TABLE_SIZE] = {
>
>  static inline int host_to_target_errno(int err)
>  {
> -    if(host_to_target_errno_table[err])
> +    if(err < ERRNO_TABLE_SIZE && host_to_target_errno_table[err])
>          return host_to_target_errno_table[err];
>      return err;
>  }
>
>  static inline int target_to_host_errno(int err)
>  {
> -    if (target_to_host_errno_table[err])
> +    if (err < ERRNO_TABLE_SIZE && target_to_host_errno_table[err])
>          return target_to_host_errno_table[err];
>      return err;
>  }

Maybe we should also check that the passed in error value is
not negative? (Given the errno-is-positive/syscall-return-negative
conventions, it's an easy mistake to make...)

-- PMM
reply via email to
[Prev in Thread] Current Thread [Next in Thread]