[Qemu-devel] [PULL 09/38] pseries: Add more parameter validation in RTAS
From: Alexander Graf
Subject: [Qemu-devel] [PULL 09/38] pseries: Add more parameter validation in RTAS time of day functions
Date: Sun, 8 Mar 2015 09:44:28 +0100
From: David Gibson <address@hidden>
Currently, the RTAS time of day functions only partially validate the
number of parameters they receive and return. Because of how the
parameters are used, this is unlikely to lead to a crash, but it's messy.
This patch adds the missing checks.
Signed-off-by: David Gibson <address@hidden>
Signed-off-by: Alexander Graf <address@hidden>
---
hw/ppc/spapr_rtc.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/hw/ppc/spapr_rtc.c b/hw/ppc/spapr_rtc.c
index e290ac0..13eeab8 100644
--- a/hw/ppc/spapr_rtc.c
+++ b/hw/ppc/spapr_rtc.c
@@ -36,7 +36,7 @@ static void rtas_get_time_of_day(PowerPCCPU *cpu,
sPAPREnvironment *spapr,
{
struct tm tm;
- if (nret != 8) {
+ if ((nargs != 0) || (nret != 8)) {
rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
return;
}
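Review bot: In rtas_get_time_of_day, the error path calls rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR) for every rejected call, including one made with nret == 0, where the caller declared no return slot at all. Whether that store is harmless depends on how rets is set up by the code that dispatches to this function, which these lines do not show. Consider skipping the store when nret is 0, or add a comment stating why writing slot 0 is always safe. The extra parentheses around each comparison in the new condition are also unnecessary.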
@@ -60,6 +60,11 @@ static void rtas_set_time_of_day(PowerPCCPU *cpu,
sPAPREnvironment *spapr,
{
struct tm tm;
+ if ((nargs != 7) || (nret != 1)) {
+ rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
+ return;
+ }
+
tm.tm_year = rtas_ld(args, 0) - 1900;
tm.tm_mon = rtas_ld(args, 1) - 1;
tm.tm_mday = rtas_ld(args, 2);
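Review bot: In rtas_set_time_of_day, the new check bounds the argument count, but the values read just below it with rtas_ld(args, 0), rtas_ld(args, 1) and rtas_ld(args, 2) still go into tm_year, tm_mon and tm_mday with no range check, so a guest-supplied month of 0 yields a tm_mon of -1. If the code that consumes tm tolerates out-of-range fields, a comment saying so would help; otherwise reject such values with RTAS_OUT_PARAM_ERROR here as well. The literals 7 and 1 would also benefit from a short comment naming the inputs and outputs they count.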
--
1.8.1.4