1. Patchew
  2. QEMU
  3. View series

[PATCH] plugins: Assert mmu_idx in range before use in qemu_plugin_get_hwaddr

Richard Henderson posted 1 patch 3 years, 10 months ago
Test checkpatch passed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20220401190233.329360-1-richard.henderson@linaro.org
Maintainers: "Alex Bennée" <alex.bennee@linaro.org>, Alexandre Iooss <erdnaxe@crans.org>, Mahmoud Mandour <ma.mandourr@gmail.com>
plugins/api.c | 2 ++
1 file changed, 2 insertions(+)
[PATCH] plugins: Assert mmu_idx in range before use in qemu_plugin_get_hwaddr
Posted by Richard Henderson 3 years, 10 months ago 
Coverity reports out-of-bound accesses here.  This should be a
false positive due to how the index is decoded from MemOpIdx.

Fixes: Coverity CID 1487201
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 plugins/api.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/plugins/api.c b/plugins/api.c
index 7bf71b189d..2078b16edb 100644
--- a/plugins/api.c
+++ b/plugins/api.c
@@ -289,6 +289,8 @@ struct qemu_plugin_hwaddr *qemu_plugin_get_hwaddr(qemu_plugin_meminfo_t info,
     enum qemu_plugin_mem_rw rw = get_plugin_meminfo_rw(info);
     hwaddr_info.is_store = (rw & QEMU_PLUGIN_MEM_W) != 0;
 
+    assert(mmu_idx < NB_MMU_MODES);
+
     if (!tlb_plugin_lookup(cpu, vaddr, mmu_idx,
                            hwaddr_info.is_store, &hwaddr_info)) {
         error_report("invalid use of qemu_plugin_get_hwaddr");
-- 
2.25.1
Re: [PATCH] plugins: Assert mmu_idx in range before use in qemu_plugin_get_hwaddr
Posted by Alex Bennée 3 years, 10 months ago 
Richard Henderson <richard.henderson@linaro.org> writes:

> Coverity reports out-of-bound accesses here.  This should be a
> false positive due to how the index is decoded from MemOpIdx.
>
> Fixes: Coverity CID 1487201
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Queued to plugins/next, thanks.

-- 
Alex Bennée
Re: [PATCH] plugins: Assert mmu_idx in range before use in qemu_plugin_get_hwaddr
Posted by Damien Hedde 3 years, 10 months ago 
Reviewed-by: Damien Hedde <damien.hedde@greensocs.com>

On 4/1/22 21:02, Richard Henderson wrote:
> Coverity reports out-of-bound accesses here.  This should be a
> false positive due to how the index is decoded from MemOpIdx.
> 
> Fixes: Coverity CID 1487201
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
>   plugins/api.c | 2 ++
>   1 file changed, 2 insertions(+)
> 
> diff --git a/plugins/api.c b/plugins/api.c
> index 7bf71b189d..2078b16edb 100644
> --- a/plugins/api.c
> +++ b/plugins/api.c
> @@ -289,6 +289,8 @@ struct qemu_plugin_hwaddr *qemu_plugin_get_hwaddr(qemu_plugin_meminfo_t info,
>       enum qemu_plugin_mem_rw rw = get_plugin_meminfo_rw(info);
>       hwaddr_info.is_store = (rw & QEMU_PLUGIN_MEM_W) != 0;
>   
> +    assert(mmu_idx < NB_MMU_MODES);
> +
>       if (!tlb_plugin_lookup(cpu, vaddr, mmu_idx,
>                              hwaddr_info.is_store, &hwaddr_info)) {
>           error_report("invalid use of qemu_plugin_get_hwaddr");

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.