From: Sean Anderson
To: Alex Bennée, Philippe Mathieu-Daudé, qemu-devel@nongnu.org
Cc: Richard Henderson, Luc Michel, Sean Anderson
Subject: [PATCH 3/3] semihosting: Check for overflow in FLEN on 32-bit systems
Date: Fri, 17 Oct 2025 17:35:29 -0400
Message-Id: <20251017213529.998267-4-sean.anderson@linux.dev>
In-Reply-To: <20251017213529.998267-1-sean.anderson@linux.dev>
References: <20251017213529.998267-1-sean.anderson@linux.dev>

When semihosting 32-bit systems, the return value of FLEN will be stored in a 32-bit integer. To prevent wraparound, return -1 and set EOVERFLOW. This matches the behavior of stat(2). Static files don't need to be checked, since they are always small.

Signed-off-by: Sean Anderson --- semihosting/arm-compat-semi.c | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/semihosting/arm-compat-semi.c b/semihosting/arm-compat-semi.c index c5a07cb947..57453ca6be 100644 --- a/semihosting/arm-compat-semi.c +++ b/semihosting/arm-compat-semi.c @@ -305,8 +305,19 @@ static uint64_t common_semi_flen_buf(CPUState *cs) return sp - 64; } =20 +static void common_semi_flen_cb(CPUState *cs, uint64_t ret, int err) +{ + CPUArchState *env =3D cpu_env(cs); + + if (!err && !is_64bit_semihosting(env) && ret > INT32_MAX) { + ret =3D -1, err =3D EOVERFLOW; + } + common_semi_cb(cs, ret, err); +} + + static void -common_semi_flen_fstat_cb(CPUState *cs, uint64_t ret, int err) +common_semi_flen_gdb_cb(CPUState *cs, uint64_t ret, int err) { if (!err) { /* The size is always stored in big-endian order, extract the valu= e. */ @@ -319,7 +330,7 @@ common_semi_flen_fstat_cb(CPUState *cs, uint64_t ret, i= nt err) ret =3D be64_to_cpu(size); } } - common_semi_cb(cs, ret, err); + common_semi_flen_cb(cs, ret, err); } =20 static void @@ -517,7 +528,7 @@ void do_common_semihosting(CPUState *cs) =20 case TARGET_SYS_FLEN: GET_ARG(0); - semihost_sys_flen(cs, common_semi_flen_fstat_cb, common_semi_cb, + semihost_sys_flen(cs, common_semi_flen_gdb_cb, common_semi_flen_cb, arg0, common_semi_flen_buf(cs)); break; =20 --=20 2.35.1.1320.gc452695387.dirty
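
Review bot: In the new common_semi_flen_cb (hunk at -305,8), the line `ret = -1, err = EOVERFLOW;` joins two assignments with the comma operator; write them as two separate statements so the error path reads like the rest of the file. The bound also deserves a one-line comment: the commit message only says the result is stored in a 32-bit integer, so state next to the `ret > INT32_MAX` test why the limit is INT32_MAX and not UINT32_MAX (presumably so a valid length can never be confused with the -1 error return). The hunk also leaves two blank lines between the new function and the following `static void`; one is enough.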
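
Review bot: The rename of common_semi_flen_fstat_cb to common_semi_flen_gdb_cb (hunks at -319,7 and -517,7) is not mentioned in the commit message, which describes only the overflow check. Either add a sentence explaining the new name or move the rename into its own patch, so the functional change in this one is limited to routing both FLEN callbacks through common_semi_flen_cb. It would also help to note in the message that the gdb path now applies the check after the be64_to_cpu() conversion, since that ordering is what makes the comparison against INT32_MAX meaningful there.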