Hi Li,

On Thu, Dec 6, 2018 at 3:26 AM Li Zhijian <lizhij...@cn.fujitsu.com> wrote:
>
> Some address/memory APIs have different type between
> 'hwaddr/target_ulong addr' and 'int len'. It is very unsafe, espcially

As Philippe already suggested, s/espcially/especially

> some APIs will be passed a non-int len by caller which might cause
> overflow quietly.
> Below is a potential overflow case:
> dma_memory_read(uint32_t len)
>  -> dma_memory_rw(uint32_t len)
>   -> dma_memory_rw_relaxed(uint32_t len)
>    -> address_space_rw(int len) # len overflow
>
> CC: Paolo Bonzini <pbonz...@redhat.com>
> CC: Peter Crosthwaite <crosthwaite.pe...@gmail.com>
> CC: Richard Henderson <r...@twiddle.net>
> CC: Peter Maydell <peter.mayd...@linaro.org>
> Signed-off-by: Li Zhijian <lizhij...@cn.fujitsu.com>
> Reviewed-by: Peter Maydell <peter.mayd...@linaro.org>
> Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
>
> ---
> V4: minor fix at commit message and add Reviewed-by tag
> V3: use the same type between len and addr(Peter Maydell)
>     rebase code basing on
>     https://patchew.org/QEMU/20181122133507.30950-1-peter.mayd...@linaro.org/
> ---
>  exec.c                    | 47 +++++++++++++++++++++++------------------------
>  include/exec/cpu-all.h    |  2 +-
>  include/exec/cpu-common.h |  8 ++++----
>  include/exec/memory.h     | 22 +++++++++++-----------
>  4 files changed, 39 insertions(+), 40 deletions(-)

Reviewed-by: Stefano Garzarella <sgarz...@redhat.com>
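The narrowing the quoted commit message describes, as an added C model (not QEMU's code and not part of this patch): a uint32_t len handed to a callee declared with int len goes negative once it exceeds INT_MAX, so a "while (len > 0)" transfer loop silently does nothing, while an hwaddr len end-to-end is handled in full. The function names and the CHUNK constant are stand-ins chosen for the example.

```c
#include <stdint.h>

typedef uint64_t hwaddr;      /* QEMU's guest-physical address type */
#define CHUNK 4096ULL         /* stand-in for the per-iteration transfer size */

/* Model of the pre-patch callee, address_space_rw(..., int len): transfers
 * CHUNK bytes per iteration while len > 0 and reports the bytes it handled. */
static uint64_t rw_int_len(hwaddr addr, int len)
{
    uint64_t done = 0;
    while (len > 0) {
        int l = len < (int)CHUNK ? len : (int)CHUNK;
        addr += (hwaddr)l;
        len -= l;
        done += (uint64_t)l;
    }
    return done;
}

/* Model of a pre-patch caller such as dma_memory_rw_relaxed(..., uint32_t len):
 * the uint32_t is implicitly narrowed to int at the call. On two's-complement
 * targets a len of 0x80000000 or more becomes negative and the loop never runs,
 * so the request "succeeds" with zero bytes moved. This is the quiet overflow. */
static uint64_t dma_rw_before(hwaddr addr, uint32_t len)
{
    return rw_int_len(addr, len);
}

/* Model of the post-patch callee: len is hwaddr all the way down, no narrowing. */
static uint64_t rw_hwaddr_len(hwaddr addr, hwaddr len)
{
    uint64_t done = 0;
    while (len > 0) {
        hwaddr l = len < CHUNK ? len : CHUNK;
        addr += l;
        len -= l;
        done += l;
    }
    return done;
}

/* Post-patch caller: uint32_t widens to hwaddr losslessly. */
static uint64_t dma_rw_after(hwaddr addr, uint32_t len)
{
    return rw_hwaddr_len(addr, len);
}
```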