From: Alexander Graf <agraf@suse.de>
To: qemu-devel@nongnu.org
Cc: Peter Maydell <peter.maydell@linaro.org>,
Riku Voipio <riku.voipio@linaro.org>
Subject: [Qemu-devel] [PATCH 4/9] linux-user: Fix sendrecvmsg() with QEMU_GUEST_BASE
Date: Sat, 6 Jul 2013 02:36:13 +0200
Message-ID: <1373070978-11966-5-git-send-email-agraf@suse.de>
In-Reply-To: <1373070978-11966-1-git-send-email-agraf@suse.de>

While looking for cmsg entries, we want to compare guest pointers to see
whether we're at the end of the passed in array.

However, what we really do is we compare our in-use host pointer with the
to-be-the-end guest pointer. This comparison is obviously bogus.

Change the comparison to compare guest pointer with guest pointer.

Signed-off-by: Alexander Graf <agraf@suse.de>
---
linux-user/syscall_defs.h | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
index 92c01a9..8b06a19 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
@@ -214,7 +214,7 @@ __target_cmsg_nxthdr (struct target_msghdr *__mhdr, struct target_cmsghdr *__cms
__ptr = (struct target_cmsghdr *)((unsigned char *) __cmsg
+ TARGET_CMSG_ALIGN (tswapal(__cmsg->cmsg_len)));
- if ((unsigned long)((char *)(__ptr+1) - (char *)(size_t)tswapal(__mhdr->msg_control))
+ if ((unsigned long)((char *)(h2g(__ptr+1)) - (char *)(size_t)tswapal(__mhdr->msg_control))
> tswapal(__mhdr->msg_controllen))
/* No more entries. */
return (struct target_cmsghdr *)0;
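
Review bot: The changed condition casts the result of `h2g(__ptr+1)` straight to `(char *)`, while the `msg_control` operand on the same line goes through `(size_t)` first. Both operands are now guest addresses rather than host pointers, so the subtraction is better done on integer guest addresses, for example `h2g(__ptr + 1) - tswapal(__mhdr->msg_control)`, with the pointer casts dropped; the `(size_t)` cast on the other operand suggests the guest value may be narrower than a host pointer, and the two sides should at least be treated the same way. Note also that `__ptr` is advanced by the guest-supplied `cmsg_len` before this check runs, so please confirm that `h2g()` is safe to call on a host pointer that a large `cmsg_len` has moved outside the guest mapping. A one-line comment stating that the comparison is made in guest address space would keep the next reader from reintroducing the mixed comparison.
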
--
1.6.0.2

Thread overview: 23+ messages
2013-07-06 0:36 [Qemu-devel] [PATCH 0/9] linux-user: Wine enablement patch set Alexander Graf
2013-07-06 0:36 ` [Qemu-devel] [PATCH 1/9] linux-user: fix segmentation fault passing with h2g(x) != x Alexander Graf
2013-07-06 10:27 ` Peter Maydell
2013-07-06 0:36 ` [Qemu-devel] [PATCH 2/9] linux-user: Add is_write segfault check for ARM hosts Alexander Graf
2013-07-06 10:24 ` Peter Maydell
2013-07-06 10:28 ` Alexander Graf
2013-07-06 0:36 ` [Qemu-devel] [PATCH 3/9] linux-user: Don't reset a new thread's CPU Alexander Graf
2013-07-06 10:31 ` Peter Maydell
2013-07-06 12:40 ` Andreas Färber
2013-07-06 12:44 ` Peter Maydell
2013-07-06 13:14 ` Andreas Färber
2013-07-06 0:36 ` Alexander Graf [this message]
2013-07-06 10:42 ` [Qemu-devel] [PATCH 4/9] linux-user: Fix sendrecvmsg() with QEMU_GUEST_BASE Peter Maydell
2013-07-06 10:47 ` Alexander Graf
2013-07-06 0:36 ` [Qemu-devel] [PATCH 5/9] linux-user: Fix epoll on ARM hosts Alexander Graf
2013-07-06 10:45 ` Peter Maydell
2013-07-06 10:48 ` Alexander Graf
2013-07-06 0:36 ` [Qemu-devel] [PATCH 6/9] linux-user: Add i386 TLS setter Alexander Graf
2013-07-06 0:36 ` [Qemu-devel] [PATCH 7/9] linux-user: Enable NPTL for i386 Alexander Graf
2013-07-06 10:48 ` Peter Maydell
2013-07-06 10:49 ` Alexander Graf
2013-07-06 0:36 ` [Qemu-devel] [PATCH 8/9] linux-user: Default to 64k guest base Alexander Graf
2013-07-06 0:36 ` [Qemu-devel] [PATCH 9/9] linux-user: Unlock mmap_lock when resuming guest from page_unprotect Alexander Graf