subject:"\[PATCH 3\/3\] hw\/nubus\/nubus\-device\: Range check 'slot' property"

Re: [PATCH 3/3] hw/nubus/nubus-device: Range check 'slot' property

2024-09-01 Thread Mark Cave-Ayland

On 30/08/2024 18:34, Peter Maydell wrote: The TYPE_NUBUS_DEVICE class lets the user specify the nubus slot using an int32 "slot" QOM property. Its realize method doesn't do any range checking on this value, which Coverity notices by way of the possibility that 'nd->slot * NUBUS_SUPER_SLOT_SIZE'

Re: [PATCH 3/3] hw/nubus/nubus-device: Range check 'slot' property

2024-08-30 Thread Thomas Huth

Am Fri, 30 Aug 2024 18:34:52 +0100 schrieb Peter Maydell : > The TYPE_NUBUS_DEVICE class lets the user specify the nubus slot > using an int32 "slot" QOM property. Its realize method doesn't do > any range checking on this value, which Coverity notices by way of > the possibility that 'nd->slot *

[PATCH 3/3] hw/nubus/nubus-device: Range check 'slot' property

2024-08-30 Thread Peter Maydell

The TYPE_NUBUS_DEVICE class lets the user specify the nubus slot using an int32 "slot" QOM property. Its realize method doesn't do any range checking on this value, which Coverity notices by way of the possibility that 'nd->slot * NUBUS_SUPER_SLOT_SIZE' might overflow the 32-bit arithmetic it is u