Re: [PATCH] vfio/pci: Use defined memcpy() behavior

[Laszlo Ersek]

On 03/10/20 18:15, Alex Williamson wrote:
> vfio_rom_read() relies on memcpy() doing the logically correct thing,
> ie. safely copying zero bytes from a NULL pointer when rom_size is
> zero, rather than the spec definition, which is undefined when the
> source or target pointers are NULL.  Resolve this by wrapping the
> call in the condition expressed previously by the ternary.
> 
> Additionally, we still use @val to fill data based on the provided
> @size regardless of mempcy(), so we should initialize @val rather
> than @data.
> 
> Reported-by: Longpeng <address@hidden>
> Reported-by: Laszlo Ersek <address@hidden>
> Signed-off-by: Alex Williamson <address@hidden>
> ---
>  hw/vfio/pci.c |    9 +++++----
>  1 file changed, 5 insertions(+), 4 deletions(-)
> 
> diff --git a/hw/vfio/pci.c b/hw/vfio/pci.c
> index 5e75a95129ac..b0799cdc28ad 100644
> --- a/hw/vfio/pci.c
> +++ b/hw/vfio/pci.c
> @@ -859,16 +859,17 @@ static uint64_t vfio_rom_read(void *opaque, hwaddr 
> addr, unsigned size)
>          uint16_t word;
>          uint32_t dword;
>          uint64_t qword;
> -    } val;
> -    uint64_t data = 0;
> +    } val = { 0 };
> +    uint64_t data;
>  
>      /* Load the ROM lazily when the guest tries to read it */
>      if (unlikely(!vdev->rom && !vdev->rom_read_failed)) {
>          vfio_pci_load_rom(vdev);
>      }
>  
> -    memcpy(&val, vdev->rom + addr,
> -           (addr < vdev->rom_size) ? MIN(size, vdev->rom_size - addr) : 0);
> +    if (addr < vdev->rom_size) {
> +        memcpy(&val, vdev->rom + addr, MIN(size, vdev->rom_size - addr));
> +    }
>  
>      switch (size) {
>      case 1:
> 

sorry I'm processing my INBOX in basically... random order. :/

So as I stated in the earlier thread, I suggest casting "vdev->rom" to a
character type, before the addition operator "+" binds.

With that:

Reviewed-by: Laszlo Ersek <address@hidden>

Thanks
Laszlo