Hi, Gerd
What's your opinion about this patch? Thanks,
Best regards,
-Gonglei
> -----Original Message-----
> From: Gonglei (Arei)
> Sent: Wednesday, May 28, 2014 9:22 PM
> To: qemu-devel@nongnu.org
> Cc: av1...@comtv.ru; kra...@redhat.com; lcapitul...@redhat.com;
> ler...@redhat.com; qiaonuo...@cn.fujitsu.com; afaer...@suse.de;
> ebl...@redhat.com; pbonz...@redhat.com; m...@redhat.com; Huangweidong
> (C); peter.crosthwa...@xilinx.com; kw...@redhat.com; stefa...@redhat.com;
> crobi...@redhat.com; aligu...@amazon.com; arm...@redhat.com;
> Luonengjun; Gonglei (Arei)
> Subject: [PATCH v2 2/6] vga: Fix divide-by-zero in vga_update_text
>
> From: Gonglei <arei.gong...@huawei.com>
>
> Spotted by Coverity:
>
> (20) Event cond_true: Condition "cursor_visible", taking true branch
> (21) Event cond_true: Condition "cursor_offset < size", taking true branch
> (22) Event cond_true: Condition "cursor_offset >= 0", taking true branch
>
> 2097 if (cursor_visible && cursor_offset < size && cursor_offset >= 0)
> (23) Event divide_by_zero: In expression "cursor_offset / width",
> division by expression "width" which may be zero has undefined behavior.
>
> 2098 dpy_text_cursor(s->con,
> 2099 TEXTMODE_X(cursor_offset),
> 2100
> TEXTMODE_Y(cursor_offset));
>
> Signed-off-by: Gonglei <arei.gong...@huawei.com>
> ---
> hw/display/vga.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/display/vga.c b/hw/display/vga.c
> index 8cd6afe..3c1c6eb 100644
> --- a/hw/display/vga.c
> +++ b/hw/display/vga.c
> @@ -2094,7 +2094,7 @@ static void vga_update_text(void *opaque,
> console_ch_t *chardata)
> s->cr[VGA_CRTC_CURSOR_START] != s->cursor_start ||
> s->cr[VGA_CRTC_CURSOR_END] != s->cursor_end ||
> full_update) {
> cursor_visible = !(s->cr[VGA_CRTC_CURSOR_START] & 0x20);
> - if (cursor_visible && cursor_offset < size && cursor_offset >=
> 0)
> + if (cursor_visible && cursor_offset < size && cursor_offset > 0)
> dpy_text_cursor(s->con,
> TEXTMODE_X(cursor_offset),
> TEXTMODE_Y(cursor_offset));
> --
> 1.7.12.4
>
