1. Patchew
  2. QEMU
  3. View series

[PATCH] system/qtest: Fix length parameter in the b64write code

Thomas Huth posted 1 patch 1 week, 5 days ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20260518134020.1420932-1-thuth@redhat.com
Maintainers: Fabiano Rosas <farosas@suse.de>, Laurent Vivier <lvivier@redhat.com>, Paolo Bonzini <pbonzini@redhat.com>
system/qtest.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH] system/qtest: Fix length parameter in the b64write code
Posted by Thomas Huth 1 week, 5 days ago 
From: Thomas Huth <thuth@redhat.com>

The b64write code has a sanity check that the given lengths matches
the real length of the given data, and calculates the minimum of the
two values to be on the safe side. However, the address_space_write()
then uses the original value and ignores the calculated minimum. Use
out_len here to fix the problem.

Fixes: 70da30483e7 ("qtest: Use cpu address space instead of system memory")
Signed-off-by: Thomas Huth <thuth@redhat.com>
---
 system/qtest.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/system/qtest.c b/system/qtest.c
index a79d10d1361..d6db057b0a2 100644
--- a/system/qtest.c
+++ b/system/qtest.c
@@ -698,7 +698,7 @@ static void qtest_process_command(CharFrontend *chr, gchar **words)
         }
 
         address_space_write(first_cpu->as, addr, MEMTXATTRS_UNSPECIFIED, data,
-                            len);
+                            out_len);
 
         qtest_send(chr, "OK\n");
     } else if (strcmp(words[0], "endianness") == 0) {
-- 
2.54.0
Re: [PATCH] system/qtest: Fix length parameter in the b64write code
Posted by Philippe Mathieu-Daudé 1 week, 5 days ago 
On 18/5/26 15:40, Thomas Huth wrote:
> From: Thomas Huth <thuth@redhat.com>
> 
> The b64write code has a sanity check that the given lengths matches
> the real length of the given data, and calculates the minimum of the
> two values to be on the safe side. However, the address_space_write()
> then uses the original value and ignores the calculated minimum. Use
> out_len here to fix the problem.
> 
> Fixes: 70da30483e7 ("qtest: Use cpu address space instead of system memory")
> Signed-off-by: Thomas Huth <thuth@redhat.com>
> ---
>   system/qtest.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Re: [PATCH] system/qtest: Fix length parameter in the b64write code
Posted by Laurent Vivier 1 week, 5 days ago 
On 5/18/26 15:40, Thomas Huth wrote:
> From: Thomas Huth <thuth@redhat.com>
> 
> The b64write code has a sanity check that the given lengths matches
> the real length of the given data, and calculates the minimum of the
> two values to be on the safe side. However, the address_space_write()
> then uses the original value and ignores the calculated minimum. Use
> out_len here to fix the problem.
> 
> Fixes: 70da30483e7 ("qtest: Use cpu address space instead of system memory")
> Signed-off-by: Thomas Huth <thuth@redhat.com>
> ---
>   system/qtest.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/system/qtest.c b/system/qtest.c
> index a79d10d1361..d6db057b0a2 100644
> --- a/system/qtest.c
> +++ b/system/qtest.c
> @@ -698,7 +698,7 @@ static void qtest_process_command(CharFrontend *chr, gchar **words)
>           }
>   
>           address_space_write(first_cpu->as, addr, MEMTXATTRS_UNSPECIFIED, data,
> -                            len);
> +                            out_len);
>   
>           qtest_send(chr, "OK\n");
>       } else if (strcmp(words[0], "endianness") == 0) {

Reviewed-by: Laurent Vivier <lvivier@redhat.com>

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.