[Qemu-devel] [PATCH] ati-vga: Fix indexed access to video memory

BALATON Zoltan posted 1 patch 5 years, 1 month ago
Test docker-clang@ubuntu passed
Test asan passed
Test checkpatch passed
Test docker-mingw@fedora passed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20190318223842.427CB7456B2@zero.eik.bme.hu
hw/display/ati.c | 18 ++++++------------
1 file changed, 6 insertions(+), 12 deletions(-)
Posted by BALATON Zoltan 5 years, 1 month ago
Coverity (CID 1399700) found that this was wrong so instead of trying
to do it by hand use existing access functions that should work better.

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
---
 hw/display/ati.c | 18 ++++++------------
 1 file changed, 6 insertions(+), 12 deletions(-)

diff --git a/hw/display/ati.c b/hw/display/ati.c
index 055cc69e16..b88309af63 100644
--- a/hw/display/ati.c
+++ b/hw/display/ati.c
@@ -236,12 +236,9 @@ static uint64_t ati_mm_read(void *opaque, hwaddr addr, unsigned int size)
     case MM_DATA ... MM_DATA + 3:
         /* indexed access to regs or memory */
         if (s->regs.mm_index & BIT(31)) {
-            if (s->regs.mm_index <= s->vga.vram_size - size) {
-                int i = size - 1;
-                while (i >= 0) {
-                    val <<= 8;
-                    val |= s->vga.vram_ptr[s->regs.mm_index + i--];
-                }
+            uint32_t idx = s->regs.mm_index & ~BIT(31);
+            if (idx <= s->vga.vram_size - size) {
+                val = ldn_le_p(s->vga.vram_ptr + idx, size);
             }
         } else {
             val = ati_mm_read(s, s->regs.mm_index + addr - MM_DATA, size);
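Review bot: In the BIT(31) branch the new `idx` is computed from `s->regs.mm_index & ~BIT(31)` alone, while the register branch right below it adds `addr - MM_DATA`, so a read at MM_DATA + 1..3 fetches VRAM at the same offset as a read at MM_DATA. If narrower accesses inside the MM_DATA window are meant to address the following bytes, fold the offset in before the bounds check, for example `uint32_t idx = (s->regs.mm_index & ~BIT(31)) + addr - MM_DATA;`. If the offset is deliberately ignored for memory, a short comment saying so would prevent the two branches from looking inconsistent.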
@@ -440,12 +437,9 @@ static void ati_mm_write(void *opaque, hwaddr addr,
     case MM_DATA ... MM_DATA + 3:
         /* indexed access to regs or memory */
         if (s->regs.mm_index & BIT(31)) {
-            if (s->regs.mm_index <= s->vga.vram_size - size) {
-                int i = 0;
-                while (i < size) {
-                    s->vga.vram_ptr[s->regs.mm_index + i] = data & 0xff;
-                    data >>= 8;
-                }
+            uint32_t idx = s->regs.mm_index & ~BIT(31);
+            if (idx <= s->vga.vram_size - size) {
+                stn_le_p(s->vga.vram_ptr + idx, size, data);
             }
         } else {
             ati_mm_write(s, s->regs.mm_index + addr - MM_DATA, data, size);
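Review bot: The bounds check `idx <= s->vga.vram_size - size` before `stn_le_p` relies on vram_size never being smaller than size; if the subtraction is evaluated in an unsigned type and that assumption fails, it wraps and the check passes for any idx, letting the store go through vram_ptr out of range. Writing it as `size <= s->vga.vram_size && idx <= s->vga.vram_size - size` removes the dependency at no cost. The commit message would also be more useful if it said what was wrong: the removed loop in this hunk never advances `i`, and the old check and index used mm_index with bit 31 still set.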
-- 
2.13.7


Re: [Qemu-devel] [PATCH] ati-vga: Fix indexed access to video memory
Posted by Gerd Hoffmann 5 years ago
On Mon, Mar 18, 2019 at 11:34:46PM +0100, BALATON Zoltan wrote:
> Coverity (CID 1399700) found that this was wrong so instead of trying
> to do it by hand use existing access functions that should work better.

Added to patch queue.

thanks,
  Gerd