[PATCH] hw/xen/xen_pt: fix uninitialized variable

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] hw/xen/xen_pt: fix uninitialized variable
@ 2023-01-27  5:08 Marek Marczykowski-Górecki
  2023-01-27 18:05 ` Stefano Stabellini
  0 siblings, 1 reply; 2+ messages in thread
From: Marek Marczykowski-Górecki @ 2023-01-27  5:08 UTC (permalink / raw)
  To: qemu-devel
  Cc: Marek Marczykowski-Górecki, Stefano Stabellini,
	Anthony Perard, Paul Durrant, open list:X86 Xen CPUs

xen_pt_config_reg_init() reads only that many bytes as the size of the
register that is being initialized. It uses
xen_host_pci_get_{byte,word,long} and casts its last argument to
expected pointer type. This means for smaller registers higher bits of
'val' are not initialized. Then, the function fails if any of those
higher bits are set.

Fix this by initializing 'val' with zero.

Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
---
 hw/xen/xen_pt_config_init.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/xen/xen_pt_config_init.c b/hw/xen/xen_pt_config_init.c
index cde898b744..8b9b554352 100644
--- a/hw/xen/xen_pt_config_init.c
+++ b/hw/xen/xen_pt_config_init.c
@@ -1924,7 +1924,7 @@ static void xen_pt_config_reg_init(XenPCIPassthroughState *s,
     if (reg->init) {
         uint32_t host_mask, size_mask;
         unsigned int offset;
-        uint32_t val;
+        uint32_t val = 0;
 
         /* initialize emulate register */
         rc = reg->init(s, reg_entry->reg,
-- 
2.37.3



^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH] hw/xen/xen_pt: fix uninitialized variable
  2023-01-27  5:08 [PATCH] hw/xen/xen_pt: fix uninitialized variable Marek Marczykowski-Górecki
@ 2023-01-27 18:05 ` Stefano Stabellini
  0 siblings, 0 replies; 2+ messages in thread
From: Stefano Stabellini @ 2023-01-27 18:05 UTC (permalink / raw)
  To: Marek Marczykowski-Górecki
  Cc: qemu-devel, Stefano Stabellini, Anthony Perard, Paul Durrant,
	open list:X86 Xen CPUs

[-- Attachment #1: Type: text/plain, Size: 1225 bytes --]

On Fri, 27 Jan 2023, Marek Marczykowski-Górecki wrote:
> xen_pt_config_reg_init() reads only that many bytes as the size of the
> register that is being initialized. It uses
> xen_host_pci_get_{byte,word,long} and casts its last argument to
> expected pointer type. This means for smaller registers higher bits of
> 'val' are not initialized. Then, the function fails if any of those
> higher bits are set.
> 
> Fix this by initializing 'val' with zero.
> 
> Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>

Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>


> ---
>  hw/xen/xen_pt_config_init.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/hw/xen/xen_pt_config_init.c b/hw/xen/xen_pt_config_init.c
> index cde898b744..8b9b554352 100644
> --- a/hw/xen/xen_pt_config_init.c
> +++ b/hw/xen/xen_pt_config_init.c
> @@ -1924,7 +1924,7 @@ static void xen_pt_config_reg_init(XenPCIPassthroughState *s,
>      if (reg->init) {
>          uint32_t host_mask, size_mask;
>          unsigned int offset;
> -        uint32_t val;
> +        uint32_t val = 0;
>  
>          /* initialize emulate register */
>          rc = reg->init(s, reg_entry->reg,
> -- 
> 2.37.3
> 

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2023-01-27 18:06 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-01-27  5:08 [PATCH] hw/xen/xen_pt: fix uninitialized variable Marek Marczykowski-Górecki
2023-01-27 18:05 ` Stefano Stabellini

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).