[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PULL 06/32] hw/arm/smmuv3: Fix Coverity issue in smmuv3_re
|
From: |
Peter Maydell |
|
Subject: |
[Qemu-devel] [PULL 06/32] hw/arm/smmuv3: Fix Coverity issue in smmuv3_record_event |
|
Date: |
Fri, 18 May 2018 18:19:43 +0100 |
From: Eric Auger <address@hidden>
Coverity complains about use of uninitialized Evt struct.
The EVT_SET_TYPE and similar setters use deposit32() on fields
in the struct, so they read the uninitialized existing values.
In cases where we don't set all the fields in the event struct
we'll end up leaking random uninitialized data from QEMU's
stack into the guest.
Initializing the struct with "Evt evt = {};" ought to satisfy
Coverity and fix the data leak.
Signed-off-by: Eric Auger <address@hidden>
Reported-by: Peter Maydell <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
---
hw/arm/smmuv3.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c
index b3026dea20..42dc521c13 100644
--- a/hw/arm/smmuv3.c
+++ b/hw/arm/smmuv3.c
@@ -143,7 +143,7 @@ static MemTxResult smmuv3_write_eventq(SMMUv3State *s, Evt
*evt)
void smmuv3_record_event(SMMUv3State *s, SMMUEventInfo *info)
{
- Evt evt;
+ Evt evt = {};
MemTxResult r;
if (!smmuv3_eventq_enabled(s)) {
--
2.17.0
- [Qemu-devel] [PULL 00/32] target-arm queue, Peter Maydell, 2018/05/18
- [Qemu-devel] [PULL 03/32] target/arm: Add the XML dynamic generation, Peter Maydell, 2018/05/18
- [Qemu-devel] [PULL 02/32] target/arm: Add "_S" suffix to the secure version of a sysreg, Peter Maydell, 2018/05/18
- [Qemu-devel] [PULL 05/32] xlnx-zynqmp: Connect the ZynqMP GDMA and ADMA, Peter Maydell, 2018/05/18
- [Qemu-devel] [PULL 07/32] hw/arm/smmu-common: Fix coverity issue in get_block_pte_address, Peter Maydell, 2018/05/18
- [Qemu-devel] [PULL 09/32] target/arm: Add SVE decode skeleton, Peter Maydell, 2018/05/18
- [Qemu-devel] [PULL 06/32] hw/arm/smmuv3: Fix Coverity issue in smmuv3_record_event,
Peter Maydell <=
- [Qemu-devel] [PULL 01/32] target/arm: Add "ARM_CP_NO_GDB" as a new bit field for ARMCPRegInfo type, Peter Maydell, 2018/05/18
- [Qemu-devel] [PULL 04/32] xlnx-zdma: Add a model of the Xilinx ZynqMP generic DMA, Peter Maydell, 2018/05/18
- [Qemu-devel] [PULL 08/32] target/arm: Introduce translate-a64.h, Peter Maydell, 2018/05/18
- [Qemu-devel] [PULL 11/32] target/arm: Implement SVE load vector/predicate, Peter Maydell, 2018/05/18
- [Qemu-devel] [PULL 19/32] target/arm: Implement SVE bitwise shift by wide elements (predicated), Peter Maydell, 2018/05/18
- [Qemu-devel] [PULL 12/32] target/arm: Implement SVE predicate test, Peter Maydell, 2018/05/18
- [Qemu-devel] [PULL 13/32] target/arm: Implement SVE Predicate Logical Operations Group, Peter Maydell, 2018/05/18