This patchset is prompted by a Coverity issue CID 1659590,
where it thinks that we use tainted data from the guest to
index an array in bh_utf8_decode() without bounds-checking.
In fact I think this is a false positive because the array
is 256 bytes and the data from the guest is always a byte,
but both Coverity and I get confused because the chain
of functions operating on this data switch between "uint8_t",
"int" and "uint32_t" types to hold it as it passes down.

The patchset standardizes this all to uint8_t.

Peter Maydell (2):
  ui/vt100: Standardize on uint8_t for "ch" byte variables
  ui/vt100: Take byte as uint8_t in bh_utf8_decode()

 ui/vt100.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

-- 
2.43.0

On Tue, May 12, 2026 at 2:42 PM Peter Maydell <peter.maydell@linaro.org> wrote:
>
> This patchset is prompted by a Coverity issue CID 1659590,
> where it thinks that we use tainted data from the guest to
> index an array in bh_utf8_decode() without bounds-checking.
> In fact I think this is a false positive because the array
> is 256 bytes and the data from the guest is always a byte,
> but both Coverity and I get confused because the chain
> of functions operating on this data switch between "uint8_t",
> "int" and "uint32_t" types to hold it as it passes down.
>
> The patchset standardizes this all to uint8_t.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>

>
> Peter Maydell (2):
>   ui/vt100: Standardize on uint8_t for "ch" byte variables
>   ui/vt100: Take byte as uint8_t in bh_utf8_decode()
>
>  ui/vt100.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
>
> --
> 2.43.0
>