On 9/2/20 6:46 PM, P J P wrote:
> +-- On Wed, 2 Sep 2020, Philippe Mathieu-Daudé wrote --+
> | > + if (s->data_count <= begin || s->data_count > s->buf_maxsz) {
> | > + break;
> | > + }
> |
> | Thanks for your patch. Note however this kind of security fix hides
> | the bug in the model, furthermore it makes the model behave differently
> | from the real hardware (which we aim to model).
>
> Right, got it.
>
> | I posted a different fix for this problem (fixing the model bug):
> | https://www.mail-archive.com/qemu-devel@nongnu.org/msg735715.html
> | (you already reviewed it, thank you - I still comment it for the
> | other reviewers).
> |
> | Can you replace by an assert() call instead? Since this should never
> | happen.
>
> Replace above check with an assert() call? Even with your revised fix above?
Well, there might be other bugs leading there...

>
> Thank you.
> --
> Prasad J Pandit / Red Hat Product Security Team
> 8685 545E B54C 486B C6EB 271E E285 8B5A F050 DE8D
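The two approaches the thread contrasts, as an added example that is not part of the original mail or of the QEMU device model being discussed: a hypothetical device state with `buf_maxsz` and `data_count` (names borrowed from the quoted hunk, struct layout and helper functions are assumptions), once with the silent defensive `break`-style guard and once with the `assert()` the reply asks for. The defensive variant keeps the guest from reading past the buffer but returns as if nothing happened, so a model bug that corrupts `data_count` stays invisible; the assert variant makes that same state fail loudly under tests or fuzzing.

```c
#include <assert.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/*
 * Hypothetical device state, constructed for this example (not the QEMU
 * model from the thread). The device believes data_count bytes of buf[]
 * are valid.
 */
typedef struct {
    uint8_t buf[64];
    size_t buf_maxsz;   /* capacity of buf[] */
    size_t data_count;  /* bytes the model currently considers present */
} dev_state_t;

/* The invariant the thread argues about: begin < data_count <= buf_maxsz. */
static bool dev_range_ok(const dev_state_t *s, size_t begin)
{
    return s->data_count > begin && s->data_count <= s->buf_maxsz;
}

/*
 * Variant A: the style of the quoted patch. An impossible state is skipped
 * silently; the guest cannot overflow buf[], but the model bug that produced
 * data_count is hidden and the emulated device diverges from real hardware.
 */
static size_t dev_copy_defensive(const dev_state_t *s, size_t begin,
                                 uint8_t *out, size_t out_sz)
{
    if (!dev_range_ok(s, begin)) {
        return 0;  /* the equivalent of the patch's `break` */
    }
    size_t n = s->data_count - begin;
    if (n > out_sz) {
        n = out_sz;
    }
    memcpy(out, s->buf + begin, n);
    return n;
}

/*
 * Variant B: what the reply asks for. With the model bug fixed elsewhere the
 * state is unreachable, and assert() turns any remaining path to it into a
 * visible failure instead of a quiet behavioural difference.
 */
static size_t dev_copy_assert(const dev_state_t *s, size_t begin,
                              uint8_t *out, size_t out_sz)
{
    assert(dev_range_ok(s, begin));
    size_t n = s->data_count - begin;
    if (n > out_sz) {
        n = out_sz;
    }
    memcpy(out, s->buf + begin, n);
    return n;
}

/* Constructed device state: buf[i] = i, with a caller-chosen data_count. */
static dev_state_t make_state(size_t data_count)
{
    dev_state_t s;
    memset(&s, 0, sizeof(s));
    s.buf_maxsz = sizeof(s.buf);
    s.data_count = data_count;
    for (size_t i = 0; i < sizeof(s.buf); i++) {
        s.buf[i] = (uint8_t)i;
    }
    return s;
}
```

With `make_state(16)` both variants copy 12 bytes from offset 4; with a corrupted `make_state(100)` (data_count beyond buf_maxsz) the defensive variant returns 0 and carries on, while the assert variant aborts, which is exactly the difference between hiding the model bug and surfacing it.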