qemu-devel.nongnu.org archive mirror
From: Eduardo Habkost <ehabkost@redhat.com>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
	Richard Henderson <rth@twiddle.net>,
	qemu-devel@nongnu.org
Subject: [Qemu-devel] [PULL 3/8] i386: Change X86CPUDefinition::model_id to const char*
Date: Thu, 18 Jan 2018 00:01:52 -0200
Message-ID: <20180118020157.25401-4-ehabkost@redhat.com>
In-Reply-To: <20180118020157.25401-1-ehabkost@redhat.com>

It is valid to have a 48-character model ID on CPUID, however the
definition of X86CPUDefinition::model_id is char[48], which can
make the compiler drop the null terminator from the string.

If a CPU model happens to have 48 bytes on model_id, "-cpu help"
will print garbage and the object_property_set_str() call at
x86_cpu_load_def() will read data outside the model_id array.

We could increase the array size to 49, but this would mean the
compiler would not issue a warning if a 49-char string is used by
mistake for model_id.

To make things simpler, simply change model_id to be const char*,
and validate the string length using an assert() on
x86_register_cpudef_type().

Reported-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20180109154519.25634-2-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
---
 target/i386/cpu.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 4385853646..0e26fa4ea7 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -754,7 +754,7 @@ struct X86CPUDefinition {
     int model;
     int stepping;
     FeatureWordArray features;
-    char model_id[48];
+    const char *model_id;
 };
 
 static X86CPUDefinition builtin_x86_defs[] = {
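Review bot: turning model_id into a pointer changes what a missing initializer means: an entry of builtin_x86_defs that does not set .model_id used to get a zero-filled 48-byte array (an empty string), and now gets a NULL pointer, which the new assert in x86_register_cpudef_type turns into an abort at type registration. The four entries patched below cover the current table, but nothing at the struct definition tells a future contributor that .model_id is now mandatory; add a comment next to `const char *model_id;` saying it must be set (a string literal, so it points at static storage), or have the consumer treat NULL as "" so the table does not need the explicit empty strings.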
@@ -923,6 +923,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
         .features[FEAT_1_EDX] =
             I486_FEATURES,
         .xlevel = 0,
+        .model_id = "",
     },
     {
         .name = "pentium",
@@ -934,6 +935,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
         .features[FEAT_1_EDX] =
             PENTIUM_FEATURES,
         .xlevel = 0,
+        .model_id = "",
     },
     {
         .name = "pentium2",
@@ -945,6 +947,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
         .features[FEAT_1_EDX] =
             PENTIUM2_FEATURES,
         .xlevel = 0,
+        .model_id = "",
     },
     {
         .name = "pentium3",
@@ -956,6 +959,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
         .features[FEAT_1_EDX] =
             PENTIUM3_FEATURES,
         .xlevel = 0,
+        .model_id = "",
     },
     {
         .name = "athlon",
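Review bot: the same `.model_id = "",` line is added to four consecutive entries (486, pentium, pentium2, pentium3) with no comment explaining why an empty string is suddenly required; a reader of the table has no way to connect these lines to the NULL check added later in x86_register_cpudef_type. A short comment on the first of the four, or a single remark at the top of builtin_x86_defs, would make the requirement discoverable and stop the next entry without a brand string from tripping the assert.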
@@ -2736,6 +2740,9 @@ static void x86_register_cpudef_type(X86CPUDefinition *def)
      * they shouldn't be set on the CPU model table.
      */
     assert(!(def->features[FEAT_8000_0001_EDX] & CPUID_EXT2_AMD_ALIASES));
+    /* catch mistakes instead of silently truncating model_id when too long */
+    assert(def->model_id && strlen(def->model_id) <= 48);
+
 
     type_register(&ti);
     g_free(typename);
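Review bot: the literal 48 in `assert(def->model_id && strlen(def->model_id) <= 48);` is the only remaining statement of the limit now that the `char model_id[48]` declaration is gone, and nothing says where 48 comes from (the CPUID brand string returned by leaves 0x80000002 through 0x80000004 is 3 leaves of 16 bytes). A named constant used both here and wherever the string is copied into the CPUID registers would keep the two in step. The comment "catch mistakes instead of silently truncating model_id when too long" also no longer matches the field: a `const char *` is never truncated, so say which copy into the 48-byte brand string would truncate. Finally, the hunk leaves two consecutive blank lines between the new assert and `type_register(&ti);`; drop one.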
-- 
2.14.3
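The hazard the commit message describes is a plain C rule: a string literal that exactly fills a char array is accepted and its terminator is dropped, so a 48-character model ID in a `char[48]` leaves nothing for strlen() or a %s format to stop on. The following is an added illustration, not QEMU code or part of the original message. The struct names (def_array, def_ptr), the function names (model_id_terminated, model_id_valid, cpuid_brand_bytes, brand_pad_bytes) and the two constructed IDs are invented for the example; the 48-byte limit is the size of the CPUID brand string (leaves 0x80000002 through 0x80000004, 16 bytes each). The example relies on C semantics; a C++ compiler rejects the exact-fit initializer outright.

```c
/*
 * Illustration of the model_id terminator hazard: NOT QEMU code.
 * All names below are invented for this example.
 */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* CPUID brand string: leaves 0x80000002-0x80000004, 3 leaves x 16 bytes. */
#define MODEL_ID_MAX 48

/* Before the patch: the string is stored inside the definition struct. */
struct def_array {
    char model_id[MODEL_ID_MAX];
};

/* After the patch: the struct only points at a string literal. */
struct def_ptr {
    const char *model_id;
};

/* Constructed 48-character ID: three 16-character pieces, no room for a NUL. */
#define ID_48 "0123456789abcdef" "0123456789abcdef" "0123456789abcdef"
/* Constructed 49-character ID: one byte longer than the brand string allows. */
#define ID_49 ID_48 "X"

/*
 * C lets a literal exactly fill a char array and silently drops the
 * terminator; before_full is the state the commit message warns about.
 */
static const struct def_array before_short = { .model_id = "Short ID" };
static const struct def_array before_full  = { .model_id = ID_48 };

static const struct def_ptr after_short = { .model_id = "Short ID" };
static const struct def_ptr after_full  = { .model_id = ID_48 };

/*
 * Does the array contain a NUL at all?  memchr is bounded by sizeof, so the
 * check itself never reads past the 48 bytes, unlike strlen() would.
 */
int model_id_terminated(const struct def_array *d)
{
    return memchr(d->model_id, '\0', sizeof d->model_id) != NULL;
}

/* The post-patch registration-time check: non-NULL and at most 48 bytes. */
int model_id_valid(const char *model_id)
{
    return model_id != NULL && strlen(model_id) <= MODEL_ID_MAX;
}

/*
 * Copy a validated model_id into a 48-byte brand-string layout, NUL-padding
 * the remainder.  Returns the number of characters copied, or -1 when the
 * ID fails model_id_valid() (NULL or longer than 48).
 */
int cpuid_brand_bytes(const char *model_id, unsigned char out[MODEL_ID_MAX])
{
    size_t n;

    if (!model_id_valid(model_id)) {
        return -1;
    }
    n = strlen(model_id);
    memset(out, 0, MODEL_ID_MAX);
    memcpy(out, model_id, n);
    return (int)n;
}

/* Number of NUL padding bytes left after the copy, or -1 if rejected. */
int brand_pad_bytes(const char *model_id)
{
    unsigned char brand[MODEL_ID_MAX];
    int copied = cpuid_brand_bytes(model_id, brand);

    return copied < 0 ? -1 : MODEL_ID_MAX - copied;
}

int main(void)
{
    printf("array,   8-char ID terminated: %d\n", model_id_terminated(&before_short));
    printf("array,  48-char ID terminated: %d\n", model_id_terminated(&before_full));
    printf("pointer,  8-char ID valid:     %d\n", model_id_valid(after_short.model_id));
    printf("pointer, 48-char ID valid:     %d\n", model_id_valid(after_full.model_id));
    printf("pointer, 49-char ID valid:     %d\n", model_id_valid(ID_49));
    printf("pointer, NULL valid:           %d\n", model_id_valid(NULL));
    printf("padding after 48-char ID:      %d\n", brand_pad_bytes(after_full.model_id));
    return 0;
}
```

The array form cannot be told apart from a valid entry by looking at the struct; only a bounded scan such as model_id_terminated() reveals the missing NUL, which is why the patch moves the check to a strlen() on a pointer at registration time, where a 49-byte literal is still a compile-time-visible mistake the assert reports immediately.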


Thread overview: 26+ messages
2018-01-18  2:01 [Qemu-devel] [PULL 0/8] x86 queue, 2018-01-17 Eduardo Habkost
2018-01-18  2:01 ` [Qemu-devel] [PULL 1/8] pc: add 2.12 machine types Eduardo Habkost
2018-01-18  2:01 ` [Qemu-devel] [PULL 2/8] target/i386: add clflushopt to "Skylake-Server" cpu model Eduardo Habkost
2018-01-18  2:01 ` Eduardo Habkost [this message]
2018-01-18  2:01 ` [Qemu-devel] [PULL 4/8] i386: Add support for SPEC_CTRL MSR Eduardo Habkost
2018-01-18  2:01 ` [Qemu-devel] [PULL 5/8] i386: Add spec-ctrl CPUID bit Eduardo Habkost
2018-01-18  2:01 ` [Qemu-devel] [PULL 6/8] i386: Add FEAT_8000_0008_EBX CPUID feature word Eduardo Habkost
2018-01-18  2:01 ` [Qemu-devel] [PULL 7/8] i386: Add new -IBRS versions of Intel CPU models Eduardo Habkost
2018-01-18  2:01 ` [Qemu-devel] [PULL 8/8] i386: Add EPYC-IBPB CPU model Eduardo Habkost
2018-01-18 13:51 ` [Qemu-devel] [PULL 0/8] x86 queue, 2018-01-17 Peter Maydell
2018-01-23  8:40   ` Christian Ehrhardt
2018-01-23  9:59     ` Christian Borntraeger
2018-01-23 10:19       ` [Qemu-devel] [qemu-s390x] " Cornelia Huck
2018-01-23 10:34       ` [Qemu-devel] " Christian Ehrhardt
2018-01-23 10:50         ` [Qemu-devel] [qemu-s390x] " Cornelia Huck
2018-01-23 18:40           ` Michael Roth
2018-01-23 11:14         ` [Qemu-devel] " Peter Maydell
2018-01-23 16:40           ` [Qemu-devel] [qemu-s390x] " David Hildenbrand
2018-01-23 18:15       ` [Qemu-devel] " Michael Roth
2018-01-23 19:31         ` Eduardo Habkost
2018-01-23 21:33           ` Michael Roth
2018-01-26  1:29             ` Eduardo Habkost
2018-01-26 16:28               ` Michael Roth
2018-01-26 18:08                 ` Eduardo Habkost
2018-01-26 18:17                   ` Peter Maydell
2018-01-26 18:23                   ` Michael Roth
