Re: [Qemu-devel] [PATCH 6/6] softmmu-semi: fix lock_user* functions not
From: Peter Maydell
Subject: Re: [Qemu-devel] [PATCH 6/6] softmmu-semi: fix lock_user* functions not to deref NULL upon OOM
Date: Sat, 19 May 2012 16:46:44 +0100
On 16 May 2012 14:08, Jim Meyering <address@hidden> wrote:
> From: Jim Meyering <address@hidden>
>
> Use g_malloc/g_free in place of malloc/free.
>
> Signed-off-by: Jim Meyering <address@hidden>
> ---
> softmmu-semi.h | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/softmmu-semi.h b/softmmu-semi.h
> index 648cb95..996e0f7 100644
> --- a/softmmu-semi.h
> +++ b/softmmu-semi.h
> @@ -39,7 +39,7 @@ static void *softmmu_lock_user(CPUArchState *env, uint32_t
> addr, uint32_t len,
> {
> uint8_t *p;
> /* TODO: Make this something that isn't fixed size. */
> - p = malloc(len);
> + p = g_malloc(len);
> if (copy)
> cpu_memory_rw_debug(env, addr, p, len, 0);
> return p;
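Review bot: At `p = g_malloc(len);`, g_malloc() aborts the process when the allocation fails, so this function can no longer return NULL and an oversized `len` argument ends the whole emulator instead of failing the one call. The `if (copy)` line below it still passes p to cpu_memory_rw_debug() without any check, which is the NULL dereference the subject line sets out to fix. Suggest keeping an allocator that can fail (malloc, or g_try_malloc) and adding `if (!p) return NULL;` ahead of the copy, so callers see the failure and p is never used when NULL.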
Nak. This function is called with a length passed from the guest, so
killing qemu if the length is too large is a bad idea. The callers
should handle it returning NULL on failure. (Most of them do already;
if any do not, that's a bug.) The bug in this function is passing
NULL to cpu_memory_rw_debug().
-- PMM
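
The behaviour the reply above asks for, as an added example that is not QEMU code and not part of the original message: the helper returns NULL when allocation fails and the caller turns that into an error for the guest. `guest_ram`, `guest_read`, `alloc_fn`, `lock_user_sketch` and `guest_strlen_sketch` are hypothetical names; `guest_read` stands in for `cpu_memory_rw_debug()` and its range check is an assumption of this sketch.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for guest RAM; not QEMU's memory model. */
static uint8_t guest_ram[64] = "guest-string";

/* Hypothetical stand-in for cpu_memory_rw_debug(): -1 if range is invalid. */
static int guest_read(uint32_t addr, uint8_t *buf, uint32_t len)
{
    if (addr > sizeof(guest_ram) || len > sizeof(guest_ram) - addr)
        return -1;
    memcpy(buf, guest_ram + addr, len);
    return 0;
}

/* Allocator hook (assumption) so the OOM path can be forced in a test. */
static void *failing_alloc(size_t n) { (void)n; return NULL; }
static void *(*alloc_fn)(size_t) = malloc;

/* Sketch of a lock_user-style helper: allocation failure becomes NULL. */
static void *lock_user_sketch(uint32_t addr, uint32_t len, int copy)
{
    uint8_t *p = alloc_fn(len);
    if (!p)
        return NULL;            /* never pass NULL on to the copy routine */
    if (copy && guest_read(addr, p, len) < 0) {
        free(p);
        return NULL;
    }
    return p;
}

/* Hypothetical caller: the guest request fails with -1, nothing aborts. */
static int32_t guest_strlen_sketch(uint32_t addr, uint32_t len)
{
    char *s = lock_user_sketch(addr, len, 1);
    if (!s)
        return -1;
    const char *end = memchr(s, '\0', len);
    int32_t n = end ? (int32_t)(end - s) : (int32_t)len;
    free(s);
    return n;
}

int main(void) { return guest_strlen_sketch(0, 32) == 12 ? 0 : 1; }
```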