diff options
| author | Alexander Bulekov <alxndr@bu.edu> | 2020-10-29 13:28:58 -0400 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2020-11-03 13:17:27 -0500 |
| commit | a9f67c1d51dda405bc6a406d13c8802b98df904e (patch) | |
| tree | a590677d6939a50aabef4293bb320c75d5f1f116 /qapi/qapi-util.c | |
| parent | c59c582d56ee3bbde15e6788c0d28329792b2573 (diff) | |
| download | focaccia-qemu-a9f67c1d51dda405bc6a406d13c8802b98df904e.tar.gz focaccia-qemu-a9f67c1d51dda405bc6a406d13c8802b98df904e.zip | |
fuzz: fix writing DMA patterns
This code had all sorts of issues. We used a loop similar to address_space_write_rom, but I did not remove a "break" that only made sense in the context of the switch statement in the original code. Then, after the loop, we did a separate qtest_memwrite over the entire DMA access range, defeating the purpose of the loop. Additionally, we increment the buf pointer, and then try to g_free() it. Fix these problems. Reported-by: OSS-Fuzz (Issue 26725) Signed-off-by: Alexander Bulekov <alxndr@bu.edu> Reported-by: OSS-Fuzz (Issue 26691) Reviewed-by: Darren Kenny <darren.kenny@oracle.com> Message-Id: <20201029172901.534442-2-alxndr@bu.edu> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'qapi/qapi-util.c')
0 files changed, 0 insertions, 0 deletions