packages/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
qemu/aspeed-smc-Fix-possible-integer-overflow.patch
Jiabo Feng b36d41c519 QEMU update to version 8.2.0-17: 
- cvm : bug fix for undefined reference to 'virtcca_cvm_allowed' while compiling
- cvm : bug-fix for incorrect device name check for vhost-user-fs
- target/i386: add control bits support for LAM
- target/i386: add support for LAM in CPUID enumeration
- Add support for the virtcca cvm feature.
- target/sparc: use signed denominator in sdiv helper
- crypto: Introduce SM4 symmetric cipher algorithm
- ppc/vof: Fix unaligned FDT property access
- vl: fix "type is NULL" in -vga help
- hw/display/bcm2835_fb: fix fb_use_offsets condition
- aspeed/smc: Fix possible integer overflow
- hw/nvme: fix number of PIDs for FDP RUH update
- hw/nvme: fix memory leak in nvme_dsm
- hvf: arm: Do not advance PC when raising an exception
- physmem: Bail out qemu_ram_block_from_host() for invalid ram addrs

Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
2024-09-05 11:24:12 +08:00

46 lines
1.5 KiB
Diff
Raw Permalink Blame History

From 041c319f2f91c85aeb4ed0cefa6afa76773fe960 Mon Sep 17 00:00:00 2001
From: qihao <qihao_yewu@cmss.chinamobile.com>
Date: Thu, 25 Jul 2024 09:57:01 +0800
Subject: [PATCH] aspeed/smc: Fix possible integer overflow
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cheery-pick from 13951ccfcdf0f31902a93859506ccf8c0ef66583
Coverity reports a possible integer overflow because routine
aspeeed_smc_hclk_divisor() has a codepath returning 0, which could
lead to an integer overflow when computing variable 'hclk_shift' in
the caller aspeed_smc_dma_calibration().
The value passed to aspeed_smc_hclk_divisor() is always between 0 and
15 and, in this case, there is always a matching hclk divisor. Remove
the return 0 and use g_assert_not_reached() instead.
Fixes: Coverity CID 1547822
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: qihao_yewu <qihao_yewu@cmss.chinamobile.com>
---
hw/ssi/aspeed_smc.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/hw/ssi/aspeed_smc.c b/hw/ssi/aspeed_smc.c
index 2a4001b774..8af919a970 100644
--- a/hw/ssi/aspeed_smc.c
+++ b/hw/ssi/aspeed_smc.c
@@ -764,8 +764,7 @@ static uint8_t aspeed_smc_hclk_divisor(uint8_t hclk_mask)
}
}
- aspeed_smc_error("invalid HCLK mask %x", hclk_mask);
- return 0;
+ g_assert_not_reached();
}
/*
--
2.41.0.windows.1
Reference in New Issue View Git Blame Copy Permalink