[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH-for-5.0 v2] hw/display/sm501: Avoid heap overflow in sm501_2d
From: |
Peter Maydell |
Subject: |
Re: [PATCH-for-5.0 v2] hw/display/sm501: Avoid heap overflow in sm501_2d_operation() |
Date: |
Tue, 21 Apr 2020 10:25:49 +0100 |
On Tue, 21 Apr 2020 at 10:16, Gerd Hoffmann <address@hidden> wrote:
> cirrus stopped using pointers years ago, exactly for the reasons
> outlined above. Conversion was pretty straight forward.
>
> commit 026aeffcb4752054830ba203020ed6eb05bcaba8
> Author: Gerd Hoffmann <address@hidden>
> Date: Wed Mar 15 11:47:52 2017 +0100
>
> cirrus: stop passing around dst pointers in the blitter
>
> Instead pass around the address (aka offset into vga memory). Calculate
> the pointer in the rop_* functions, after applying the mask to the
> address, to make sure the address stays within the valid range.
Aha, thanks for bringing up the prior art. (Did anybody benchmark
whether there was a noticeable performance impact for that cirrus
change? My guess is that there wouldn't be much/any because the memory
operations will dominate and you get to do the masking operation more
or less for free, but guesses are notoriously unreliable when it
comes to performance :-) )
thanks
-- PMM