[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-arm] [PULL 06/28] target/arm: use the common interface for WRI

From: Alex Bennée
Subject: Re: [Qemu-arm] [PULL 06/28] target/arm: use the common interface for WRITE0/WRITEC in arm-semi
Date: Thu, 30 May 2019 13:35:15 +0100
User-agent: mu4e 1.3.2; emacs 26.1

Peter Maydell <address@hidden> writes:

> On Tue, 28 May 2019 at 10:49, Alex Bennée <address@hidden> wrote:
>> Now we have a common semihosting console interface use that for our
>> string output. However ARM is currently unique in also supporting
>> semihosting for linux-user so we need to replicate the API in
>> linux-user. If other architectures gain this support we can move the
>> file later.
>> Signed-off-by: Alex Bennée <address@hidden>
>> Reviewed-by: Richard Henderson <address@hidden>
> Hi; Coverity points out an issue in this function (CID 1401700):
>> +int qemu_semihosting_console_out(CPUArchState *env, target_ulong addr, int 
>> len)
>> +{
>> +    void *s = lock_user_string(addr);
>> +    len = write(STDERR_FILENO, s, len ? len : strlen(s));
>> +    unlock_user(s, addr, 0);
>> +    return len;
>> +}
> We call lock_user_string(), which can fail and return NULL
> if the memory pointed to by addr isn't actually readable.
> But we don't check for the error, so we can pass a NULL
> pointer to write().

Mea culpa - I'd avoided the nastiness of the lock string stuff in the
softmmu case but reverted to a naive implementation for linux-user after
the fact. I'll send a fix for that.

> Also it looks a bit dodgy that we are passed in a
> specific length value but we then go and look at the length
> of the string, but we trust the specific length value over
> the length of the string. If len is larger than the real
> length of the string (including terminating NUL) then the
> write() will read off the end of the string.

It is an admittedly in-elegant hack to deal with the fact we call the
same function for outputting a character as well as a string. None of
the guests actually give us the length:

 * @len: length of string or 0 (string is null terminated)

We could formalise it by making s/len/is_char/ and making it a bool or
just add some more text to the description.

> thanks
> -- PMM

Alex Bennée

reply via email to

[Prev in Thread] Current Thread [Next in Thread]