mirror of
https://github.com/qemu/qemu.git
synced 2024-12-24 12:43:47 +08:00
0c249ff71c
Some address/memory APIs have different type between 'hwaddr/target_ulong addr' and 'int len'. It is very unsafe, especially some APIs will be passed a non-int len by caller which might cause overflow quietly. Below is an potential overflow case: dma_memory_read(uint32_t len) -> dma_memory_rw(uint32_t len) -> dma_memory_rw_relaxed(uint32_t len) -> address_space_rw(int len) # len overflow CC: Paolo Bonzini <pbonzini@redhat.com> CC: Peter Crosthwaite <crosthwaite.peter@gmail.com> CC: Richard Henderson <rth@twiddle.net> CC: Peter Maydell <peter.maydell@linaro.org> CC: Stefano Garzarella <sgarzare@redhat.com> Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Stefano Garzarella <sgarzare@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> |
||
---|---|---|
.. | ||
block | ||
chardev | ||
crypto | ||
disas | ||
exec | ||
fpu | ||
hw | ||
io | ||
libdecnumber | ||
migration | ||
monitor | ||
net | ||
qapi | ||
qemu | ||
qom | ||
scsi | ||
standard-headers | ||
sysemu | ||
ui | ||
elf.h | ||
glib-compat.h | ||
qemu-common.h | ||
qemu-io.h | ||
trace-tcg.h |