qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 3/3 v2] ppc debug: Add debug stub support

From: address@hidden
Subject: Re: [Qemu-devel] [PATCH 3/3 v2] ppc debug: Add debug stub support
Date: Tue, 17 Jun 2014 11:01:00 +0000 
> >>>>> +static void kvm_arch_e500_update_guest_debug(CPUState *cs,
> >>>>> +                                             struct
> >>>>> +kvm_guest_debug
> >>>>> +*dbg) {
> >>>>> +    int n;
> >>>>> +
> >>>>> +    if (nb_hw_breakpoint + nb_hw_watchpoint > 0) {
> >>>>> +        dbg->control |= KVM_GUESTDBG_ENABLE | KVM_GUESTDBG_USE_HW_BP;
> >>>>> +        memset(dbg->arch.bp, 0, sizeof(dbg->arch.bp));
> >>>>> +        for (n = 0; n < nb_hw_breakpoint + nb_hw_watchpoint; n++)
> >>>>> + {
> >>>> Boundary check against dbg->arch.bp missing.
> >>> Did not get, what you mean by " dbg->arch.bp missing" ?
> >> dbg->arch.bp is an array of a certain size. If nb_hw_breakpoint +
> >> nb_hw_watchpoint > ARRAY_SIZE(dbg->arch.bp) we might overwrite memory
> >> we don't want to overwrite.
> > Actually this will never overflow here because nb_hw_breakpoint and
> nb_hw_watchpoint overflow in taken care in in hw_insert_breakpoint().
> > Do you thing that to be double safe we can add a check?
> 
> We only check against an overflow of hw_breakpoint[], not dbg->arch.bp.
> What if nb_hw_breakpoint becomes 17?

nb_hw_breakpoint can never be more than max_hw_breakpoint, how nb_hw_breakpoint 
can be 17 ?


Thanks
-Bharat
reply via email to
[Prev in Thread] Current Thread [Next in Thread]