From: Eduardo Habkost <ehabkost@redhat.com>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
Richard Henderson <rth@twiddle.net>,
qemu-devel@nongnu.org
Subject: [Qemu-devel] [PULL 3/8] i386: Change X86CPUDefinition::model_id to const char*
Date: Thu, 18 Jan 2018 00:01:52 -0200
Message-ID: <20180118020157.25401-4-ehabkost@redhat.com>
In-Reply-To: <20180118020157.25401-1-ehabkost@redhat.com>
It is valid to have a 48-character model ID on CPUID, however the
definition of X86CPUDefinition::model_id is char[48], which can
make the compiler drop the null terminator from the string.

If a CPU model happens to have 48 bytes on model_id, "-cpu help"
will print garbage and the object_property_set_str() call at
x86_cpu_load_def() will read data outside the model_id array.

We could increase the array size to 49, but this would mean the
compiler would not issue a warning if a 49-char string is used by
mistake for model_id.

To make things simpler, simply change model_id to be const char*,
and validate the string length using an assert() on
x86_register_cpudef_type().
Reported-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20180109154519.25634-2-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
---
target/i386/cpu.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 4385853646..0e26fa4ea7 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -754,7 +754,7 @@ struct X86CPUDefinition {
int model;
int stepping;
FeatureWordArray features;
- char model_id[48];
+ const char *model_id;
};
static X86CPUDefinition builtin_x86_defs[] = {
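Review bot: changing `model_id` from `char[48]` to `const char *` changes what an omitted initializer means: a builtin_x86_defs entry that leaves `.model_id` out now holds NULL instead of an all-zero (empty, terminated) array, so every consumer of `def->model_id` must either tolerate or reject NULL. The later hunks add `.model_id = ""` for 486, pentium, pentium2 and pentium3 and a NULL check in the registration assert; it is worth confirming that no other entry in the table omits the field, since a missing one is now only caught at startup.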
@@ -923,6 +923,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
.features[FEAT_1_EDX] =
I486_FEATURES,
.xlevel = 0,
+ .model_id = "",
},
{
.name = "pentium",
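Review bot: `.model_id = ""` is required here because, with the field now a pointer, implicit zero-initialization yields NULL rather than an empty string, and the same one-line addition is repeated for pentium, pentium2 and pentium3 below. Consider whether a comment on the struct field should state that `model_id` must never be left unset, so a future entry that copies an older definition does not rely on the registration-time assert to find the omission.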
@@ -934,6 +935,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
.features[FEAT_1_EDX] =
PENTIUM_FEATURES,
.xlevel = 0,
+ .model_id = "",
},
{
.name = "pentium2",
@@ -945,6 +947,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
.features[FEAT_1_EDX] =
PENTIUM2_FEATURES,
.xlevel = 0,
+ .model_id = "",
},
{
.name = "pentium3",
@@ -956,6 +959,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
.features[FEAT_1_EDX] =
PENTIUM3_FEATURES,
.xlevel = 0,
+ .model_id = "",
},
{
.name = "athlon",
@@ -2736,6 +2740,9 @@ static void x86_register_cpudef_type(X86CPUDefinition *def)
* they shouldn't be set on the CPU model table.
*/
assert(!(def->features[FEAT_8000_0001_EDX] & CPUID_EXT2_AMD_ALIASES));
+ /* catch mistakes instead of silently truncating model_id when too long */
+ assert(def->model_id && strlen(def->model_id) <= 48);
+
type_register(&ti);
g_free(typename);
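Review bot: the bound `strlen(def->model_id) <= 48` matches the commit message (a 48-character model ID is valid on CPUID), and the `&&` ordering guarantees strlen() is never called on a NULL pointer, so the assert also rejects an entry that omits `.model_id`. Note that this is now a runtime check at type registration rather than a compile-time one: with the field a pointer, `sizeof` can no longer bound the string, so this assert is the only guard. The comment's "silently truncating" does not quite match the problem the commit message describes (an over-read in x86_cpu_load_def() rather than truncation); consider rewording it to "catch model_id strings that are NULL or longer than the 48-byte CPUID limit".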
--
2.14.3
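An added example, not part of this patch or of QEMU's own code, that puts the two table shapes the commit message contrasts side by side: the fixed `char[48]` field that can lose its NUL terminator, and the pointer field with the same NULL-and-length check the patch asserts at registration. The struct names, entry names and the 48-character model id are constructed for the demonstration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Table entry before the patch: a fixed 48-byte array.  C lets a 48-character
 * literal initialise it and silently drops the NUL terminator (GCC only warns
 * with -Wc++-compat), so strlen() or printf("%s") read past the array. */
struct def_array { const char *name; char model_id[48]; };
/* Table entry after the patch: a pointer to a NUL-terminated string literal. */
struct def_ptr { const char *name; const char *model_id; };

/* Constructed 48-character model id, exactly the CPUID limit. */
#define MODEL48 "0123456789" "0123456789" "0123456789" "0123456789" "01234567"

/* Constructed table entries (not QEMU's builtin_x86_defs). */
static const struct def_array array_defs[] = {
    { "short",  "QEMU Virtual CPU" },
    { "full48", MODEL48 },           /* all 48 bytes used, no NUL stored */
};
static const struct def_ptr ptr_defs[] = {
    { "short",   "QEMU Virtual CPU" },
    { "full48",  MODEL48 },
    { "missing", NULL },             /* .model_id omitted from initializer */
    { "toolong", MODEL48 "X" },      /* 49 chars: must be rejected */
};

/* 1 if a NUL lies within the 48-byte array, 0 if strlen() would run past it.
 * memchr() with an explicit bound never reads beyond the array itself. */
static int array_id_terminated(const struct def_array *d)
{
    return memchr(d->model_id, '\0', sizeof d->model_id) != NULL;
}

/* The check the patch adds to x86_register_cpudef_type(), returning a status
 * instead of asserting; the NULL test runs first so strlen() never sees NULL. */
static int pointer_id_valid(const struct def_ptr *d)
{
    return d->model_id != NULL && strlen(d->model_id) <= 48;
}

int main(void)
{
    /* "%.*s" bounds the read to the array, so the unterminated entry prints safely. */
    for (size_t i = 0; i < sizeof array_defs / sizeof array_defs[0]; i++)
        printf("%-7s terminated=%d \"%.*s\"\n", array_defs[i].name,
               array_id_terminated(&array_defs[i]),
               (int)sizeof array_defs[i].model_id, array_defs[i].model_id);
    return 0;
}
```

Under the array shape only `array_id_terminated()` can tell the two entries apart; under the pointer shape `pointer_id_valid()` rejects both the omitted and the 49-character id, which is exactly what the patch's assert does.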