[Qemu-devel] [PATCH v2 6/6] softmmu-semi: fix lock_user* functions not t
From: Jim Meyering
Subject: [Qemu-devel] [PATCH v2 6/6] softmmu-semi: fix lock_user* functions not to deref NULL upon OOM
Date: Thu, 24 May 2012 16:46:11 +0200
Return NULL upon malloc failure.
Signed-off-by: Jim Meyering <address@hidden>
---
Improved based on suggestion from Peter Maydell:
Handle malloc failure rather than relying on g_malloc, since we
can't afford to let guest-provided "len" induce g_malloc's abort.
softmmu-semi.h | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/softmmu-semi.h b/softmmu-semi.h
index 648cb95..bcb979a 100644
--- a/softmmu-semi.h
+++ b/softmmu-semi.h
@@ -40,7 +40,7 @@ static void *softmmu_lock_user(CPUArchState *env, uint32_t
addr, uint32_t len,
uint8_t *p;
/* TODO: Make this something that isn't fixed size. */
p = malloc(len);
- if (copy)
+ if (p && copy)
cpu_memory_rw_debug(env, addr, p, len, 0);
return p;
}
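Review bot: in softmmu_lock_user, `p = malloc(len)` takes the guest-supplied len unchanged, so with the new `p && copy` guard a NULL return can mean either allocation failure or, where malloc(0) returns NULL, a zero-length request, and callers cannot tell the two apart. Suggest special-casing len == 0, or at least adding a comment above the function stating that NULL is returned on failure and must be checked, since the callers are not part of this diff. The result of cpu_memory_rw_debug is still discarded, so a failed guest read hands back a buffer with indeterminate contents. Style: the touched `if (p && copy)` is unbraced while the hunk below adds a braced `if`; bracing both keeps the file consistent.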
@@ -52,6 +52,9 @@ static char *softmmu_lock_user_string(CPUArchState *env,
uint32_t addr)
uint8_t c;
/* TODO: Make this something that isn't fixed size. */
s = p = malloc(1024);
+ if (!s) {
+ return NULL;
+ }
do {
cpu_memory_rw_debug(env, addr, &c, 1, 0);
addr++;
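Review bot: the added `if (!s)` check in softmmu_lock_user_string covers the allocation, but the context lines right after it read one guest byte per iteration into `c`, which is declared without an initializer, and discard the result of cpu_memory_rw_debug, so a failed read would copy an indeterminate byte into the buffer. Suggest checking that call's result and, on failure, freeing s and returning NULL so both error paths behave the same. The loop's exit condition lies outside this hunk, so whether the copy is bounded by the fixed 1024-byte allocation cannot be confirmed from the lines shown and is worth checking alongside this change.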
--
1.7.10.2.565.gbd578b5