From: Sean Anderson <sean.anderson@linux.dev>
To: "Alex Bennée" <alex.bennee@linaro.org>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
qemu-devel@nongnu.org
Cc: Richard Henderson <richard.henderson@linaro.org>,
Luc Michel <lmichel@kalray.eu>,
Sean Anderson <sean.anderson@linux.dev>
Subject: [PATCH 3/3] semihosting: Check for overflow in FLEN on 32-bit systems
Date: Fri, 17 Oct 2025 17:35:29 -0400
Message-ID: <20251017213529.998267-4-sean.anderson@linux.dev>
In-Reply-To: <20251017213529.998267-1-sean.anderson@linux.dev>
When semihosting 32-bit systems, the return value of FLEN will be stored
in a 32-bit integer. To prevent wraparound, return -1 and set EOVERFLOW.
This matches the behavior of stat(2). Static files don't need to be
checked, since they are always small.
Signed-off-by: Sean Anderson <sean.anderson@linux.dev>
---
semihosting/arm-compat-semi.c | 17 ++++++++++++++---
1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/semihosting/arm-compat-semi.c b/semihosting/arm-compat-semi.c
index c5a07cb947..57453ca6be 100644
--- a/semihosting/arm-compat-semi.c
+++ b/semihosting/arm-compat-semi.c
@@ -305,8 +305,19 @@ static uint64_t common_semi_flen_buf(CPUState *cs)
return sp - 64;
}
+static void common_semi_flen_cb(CPUState *cs, uint64_t ret, int err)
+{
+ CPUArchState *env = cpu_env(cs);
+
+ if (!err && !is_64bit_semihosting(env) && ret > INT32_MAX) {
+ ret = -1, err = EOVERFLOW;
+ }
+ common_semi_cb(cs, ret, err);
+}
+
+
static void
-common_semi_flen_fstat_cb(CPUState *cs, uint64_t ret, int err)
+common_semi_flen_gdb_cb(CPUState *cs, uint64_t ret, int err)
{
if (!err) {
/* The size is always stored in big-endian order, extract the value. */
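Review bot: `ret = -1, err = EOVERFLOW;` folds two assignments into one statement with the comma operator; two plain statements, `ret = -1;` and `err = EOVERFLOW;`, read better and match the surrounding code. The bound `INT32_MAX` rather than `UINT32_MAX` follows from the stat(2) parallel in the commit message (the 32-bit guest reads the result as a signed integer, with -1 reserved for failure), but that reasoning is only in the commit message; a one-line comment above the `if` would spare the next reader a trip through git log. Two consecutive blank lines are also introduced between `common_semi_flen_cb` and the following `static void`; one is enough.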
@@ -319,7 +330,7 @@ common_semi_flen_fstat_cb(CPUState *cs, uint64_t ret, int err)
ret = be64_to_cpu(size);
}
}
- common_semi_cb(cs, ret, err);
+ common_semi_flen_cb(cs, ret, err);
}
static void
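Review bot: the rename of `common_semi_flen_fstat_cb` to `common_semi_flen_gdb_cb` is not mentioned in the commit message, which describes only the overflow check. Either note it there (the new name does make clear that this callback handles the GDB File-I/O path, while the host path goes to `common_semi_flen_cb` directly) or move the rename to its own patch so the functional change stands alone.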
@@ -517,7 +528,7 @@ void do_common_semihosting(CPUState *cs)
case TARGET_SYS_FLEN:
GET_ARG(0);
- semihost_sys_flen(cs, common_semi_flen_fstat_cb, common_semi_cb,
+ semihost_sys_flen(cs, common_semi_flen_gdb_cb, common_semi_flen_cb,
arg0, common_semi_flen_buf(cs));
break;
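Review bot: with both the GDB callback and the direct host callback now routed through `common_semi_flen_cb`, the overflow check covers both paths, but the patch does not say how this was exercised. A note on testing (FLEN on a host file larger than 2 GiB from a 32-bit guest, confirming -1 with EOVERFLOW on both the GDB and the host route) would help, and a regression test for the >2 GiB case would lock the behaviour in. Since the two callback arguments are easy to transpose at this call site, it is also worth double-checking that `common_semi_flen_gdb_cb` lands in the GDB slot and `common_semi_flen_cb` in the host slot, matching the order of the callbacks being replaced.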
--
2.35.1.1320.gc452695387.dirty
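For readers who want to see the failure mode the patch is guarding against, the following is an added, stand-alone example; it is not part of the patch or of QEMU. It models a 32-bit guest reading the FLEN result from its return register and compares passing a 64-bit host length through unchecked with applying the same INT32_MAX bound and EOVERFLOW error the patch uses. The names `guest_reg32`, `flen_naive` and `flen_checked` and the sample sizes are constructed for this example; the only assumption about semihosting is the one stated in the commit message, that -1 is the FLEN error value.

```c
#include <errno.h>
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Added example, not QEMU code: what a 32-bit semihosting guest observes
 * when a 64-bit host file length is returned through FLEN, without and
 * with the INT32_MAX bound. guest_reg32, flen_naive and flen_checked are
 * hypothetical names chosen for this example.
 */

/* The guest reads its return register as a 32-bit signed integer: only the
 * low 32 bits of the 64-bit value survive, and 0xFFFFFFFF reads as -1,
 * which is also the FLEN error value. */
static int32_t guest_reg32(uint64_t ret)
{
    return (int32_t)(uint32_t)ret;
}

/* Without a check: the length is handed to the guest as-is and silently
 * truncated on the way into the register. */
static int32_t flen_naive(uint64_t host_size, int *err)
{
    *err = 0;
    return guest_reg32(host_size);
}

/* With the check, mirroring stat(2): a length that does not fit in a
 * signed 32-bit integer fails with EOVERFLOW instead of wrapping. */
static int32_t flen_checked(uint64_t host_size, int *err)
{
    if (host_size > INT32_MAX) {
        *err = EOVERFLOW;
        return guest_reg32((uint64_t)-1);
    }
    *err = 0;
    return guest_reg32(host_size);
}

int main(void)
{
    /* Constructed sizes: a small file, one just over 2 GiB, one of exactly
     * 4 GiB - 1 (which collides with the error value), one just over 4 GiB. */
    const uint64_t sizes[] = { 1 << 20, (uint64_t)INT32_MAX + 1,
                               UINT32_MAX, (1ULL << 32) + 5 };

    for (size_t i = 0; i < sizeof(sizes) / sizeof(sizes[0]); i++) {
        int e_naive, e_checked;
        int32_t n = flen_naive(sizes[i], &e_naive);
        int32_t c = flen_checked(sizes[i], &e_checked);

        printf("host size %#llx: naive -> %" PRId32 " (err %d), "
               "checked -> %" PRId32 " (err %d)\n",
               (unsigned long long)sizes[i], n, e_naive, c, e_checked);
    }
    return 0;
}
```

The two cases worth noting are the 4 GiB - 1 file, which the unchecked path reports as -1 with no error set (indistinguishable from a failed call), and the 4 GiB + 5 file, which the unchecked path reports as a 5-byte file; the checked path turns both into -1 with EOVERFLOW.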
Thread overview: 18+ messages
2025-10-17 21:35 [PATCH 0/3] semihosting: Fix a few semihosting bugs Sean Anderson
2025-10-17 21:35 ` [PATCH 1/3] gdbstub: Fix %s formatting Sean Anderson
2025-10-18 0:07 ` Richard Henderson
2025-10-20 15:05 ` Alex Bennée
2025-10-17 21:35 ` [PATCH 2/3] semihosting: Fix GDB File-I/O FLEN Sean Anderson
2025-10-20 16:25 ` Alex Bennée
2025-10-17 21:35 ` Sean Anderson [this message]
2025-10-18 7:21 ` [PATCH 3/3] semihosting: Check for overflow in FLEN on 32-bit systems Heinrich Schuchardt
2025-10-20 14:21 ` Sean Anderson
2025-10-20 15:33 ` Heinrich Schuchardt
2025-10-20 15:39 ` Sean Anderson
2025-10-20 16:33 ` Peter Maydell
2025-10-20 19:31 ` Sean Anderson
2025-10-20 15:03 ` [PATCH 0/3] semihosting: Fix a few semihosting bugs Alex Bennée
2025-10-20 15:06 ` Sean Anderson
2025-10-27 10:54 ` Alex Bennée
2025-10-31 10:31 ` Michael Tokarev
2025-10-31 11:44 ` Alex Bennée