qemu-s390x
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] target/s390x/arch_dump: Fix memory corruption in s390x_write

From: Philippe Mathieu-Daudé
Subject: Re: [PATCH] target/s390x/arch_dump: Fix memory corruption in s390x_write_elf64_notes()
Date: Tue, 14 Feb 2023 15:58:18 +0100
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.7.2 
On 14/2/23 15:10, Thomas Huth wrote:

"note_size" can be smaller than sizeof(note), so unconditionally calling
memset(notep, 0, sizeof(note)) could cause a memory corruption here in
case notep has been allocated dynamically, thus let's use note_size as
length argument for memset() instead.


Correct.

I wonder why use one notep* pointing to a stack allocated or a heap
allocated buffer. This isn't hot path, one heap use could simplify
this code complexity IMO.


Fixes: 113d8f4e95 ("s390x: pv: Add dump support")
Signed-off-by: Thomas Huth <thuth@redhat.com>
---
  target/s390x/arch_dump.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)


Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]