Hi Li,

On Thu, Dec 6, 2018 at 3:26 AM Li Zhijian <[email protected]> wrote:
>
> Some address/memory APIs have different type between
> 'hwaddr/target_ulong addr' and 'int len'. It is very unsafe, espcially

As Philippe already suggested, s/espcially/especially

> some APIs will be passed a non-int len by caller which might cause
> overflow quietly.
> Below is a potential overflow case:
> dma_memory_read(uint32_t len)
> -> dma_memory_rw(uint32_t len)
> -> dma_memory_rw_relaxed(uint32_t len)
> -> address_space_rw(int len) # len overflow
>
> CC: Paolo Bonzini <[email protected]>
> CC: Peter Crosthwaite <[email protected]>
> CC: Richard Henderson <[email protected]>
> CC: Peter Maydell <[email protected]>
> Signed-off-by: Li Zhijian <[email protected]>
> Reviewed-by: Peter Maydell <[email protected]>
> Reviewed-by: Richard Henderson <[email protected]>
>
> ---
> V4: minor fix at commit message and add Reviewed-by tag
> V3: use the same type between len and addr(Peter Maydell)
> rebase code basing on https://patchew.org/QEMU/[email protected]/
> ---
>  exec.c                    | 47 +++++++++++++++++++++++------------------------
>  include/exec/cpu-all.h    |  2 +-
>  include/exec/cpu-common.h |  8 ++++----
>  include/exec/memory.h     | 22 +++++++++++-----------
>  4 files changed, 39 insertions(+), 40 deletions(-)

Reviewed-by: Stefano Garzarella <[email protected]>
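
The quiet overflow in the quoted call chain, shown as an added example that is not part of this thread or of QEMU's code: a `uint32_t` length handed to a callee declared with `int len`, next to the same callee with `len` widened to the address type. All `model_*` functions, `CHUNK` and the `hwaddr` typedef are hypothetical stand-ins, and the out-of-range `uint32_t` to `int` conversion is implementation-defined (GCC and Clang wrap it to a negative value).

```c
#include <stdint.h>
#include <stdio.h>
typedef uint64_t hwaddr; /* stand-in for QEMU's hwaddr; 64-bit is an assumption */
#define CHUNK 4096u      /* constructed chunk size for the model loop */

/* Model of an innermost layer taking 'int len'; counts bytes, touches no memory. */
static uint64_t model_rw_int_len(hwaddr addr, int len)
{
    uint64_t done = 0;
    (void)addr;
    while (len > 0) { /* a negative len skips the loop: nothing is transferred */
        int l = len < (int)CHUNK ? len : (int)CHUNK;
        done += (uint64_t)l;
        len -= l;
    }
    return done;
}

/* Same model with len widened to the address type, as V3 of the patch chose. */
static uint64_t model_rw_hwaddr_len(hwaddr addr, hwaddr len)
{
    uint64_t done = 0;
    (void)addr;
    while (len > 0) {
        hwaddr l = len < CHUNK ? len : CHUNK;
        done += l;
        len -= l;
    }
    return done;
}

/* Callers shaped like the dma_memory_read(uint32_t len) end of the chain. */
static uint64_t model_dma_read_old(hwaddr addr, uint32_t len)
{
    return model_rw_int_len(addr, len); /* uint32_t -> int: changes above INT_MAX */
}
static uint64_t model_dma_read_new(hwaddr addr, uint32_t len)
{
    return model_rw_hwaddr_len(addr, len); /* uint32_t -> uint64_t is exact */
}

int main(void)
{
    const uint32_t req[] = { 4096u, 0x7fffffffu, 0x80000000u, 0xffffffffu }; /* constructed */
    for (unsigned i = 0; i < 4; i++)
        printf("req %#x  int-len: %#llx  hwaddr-len: %#llx\n", (unsigned)req[i],
               (unsigned long long)model_dma_read_old(0, req[i]),
               (unsigned long long)model_dma_read_new(0, req[i]));
    return 0;
}
```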
