[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 3/3] hw/nubus/nubus-device: Range check 'slot' property
|
From: |
Thomas Huth |
|
Subject: |
Re: [PATCH 3/3] hw/nubus/nubus-device: Range check 'slot' property |
|
Date: |
Sat, 31 Aug 2024 00:03:28 +0200 |
Am Fri, 30 Aug 2024 18:34:52 +0100
schrieb Peter Maydell <peter.maydell@linaro.org>:
> The TYPE_NUBUS_DEVICE class lets the user specify the nubus slot
> using an int32 "slot" QOM property. Its realize method doesn't do
> any range checking on this value, which Coverity notices by way of
> the possibility that 'nd->slot * NUBUS_SUPER_SLOT_SIZE' might
> overflow the 32-bit arithmetic it is using.
>
> Constrain the slot value to be less than NUBUS_SLOT_NB (16).
>
> Resolves: Coverity CID 1464070
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> ---
> hw/nubus/nubus-device.c | 7 +++++++
> 1 file changed, 7 insertions(+)
Reviewed-by: Thomas Huth <huth@tuxfamily.org>