| author | Raphael Norwitz <raphael.norwitz@nutanix.com> | 2020-06-22 23:50:44 +0000 |
|---|---|---|
| committer | Michael S. Tsirkin <mst@redhat.com> | 2020-06-24 17:18:28 -0400 |
| commit | 8d19371593dedda64622bbcec8f81d8d8cee5e76 (patch) | |
| tree | e93679cc8ad8068387c167a1a88ca3ae2bd5e6e3 /scripts/tracetool/format/tcg_helper_wrapper_h.py | |
| parent | 56172c4ccdbbfae3aded3baecd6148935fac39a9 (diff) | |
Stop vhost-user sending uninitialized mmap_offsets
Prior to this change, the vhost_user_fill_msg_region function filled out all elements of the VhostUserMemoryRegion struct except the mmap_offset.

This function is often called on uninitialized structs, which are then copied into VHOST_USER_SET_MEM_TABLE and VHOST_USER_ADD/REM_MEM_REG messages. In some cases, where the mmap_offset was not needed, it was left uninitialized, causing QEMU to send the backend uninitialized data, which Coverity flagged as a series of issues.

This change augments the vhost_user_fill_msg_region API, adding a mmap_offset parameter, forcing the caller to initialize mmap_offset.

Fixes: ece99091c2d0aeb23734289a50ef2ff4e0a08929
Fixes: f1aeb14b0809e313c74244d838645ed25e85ea63
Reported-by: Coverity (CIDs 1429802, 1429803 and 1429804)
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Raphael Norwitz <raphael.norwitz@nutanix.com>
Message-Id: <1592650156-25845-1-git-send-email-raphael.norwitz@nutanix.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Diffstat (limited to 'scripts/tracetool/format/tcg_helper_wrapper_h.py')
0 files changed, 0 insertions, 0 deletions
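
The bug class described in the commit message, as an added example that is not QEMU's code: a fill helper that skips one field lets whatever was in memory reach the wire, while a signature that takes the field as a parameter makes the omission impossible. The struct layouts are simplified stand-ins, and `fill_old`, `fill_new`, `POISON`, `sample` and the `leaked_bytes_*` helpers are hypothetical names; the destination is pre-filled with a known byte so the stale data is observable without reading truly uninitialized memory.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define POISON 0xAA /* constructed stand-in for stale stack/heap contents */

typedef struct {            /* simplified stand-in for the message struct */
    uint64_t guest_phys_addr, memory_size, userspace_addr, mmap_offset;
} VhostUserMemoryRegion;

struct vhost_memory_region { /* simplified source region */
    uint64_t guest_phys_addr, memory_size, userspace_addr;
};

/* Constructed sample region; none of its bytes equals POISON. */
static const struct vhost_memory_region sample = {
    0x100000ULL, 0x40000000ULL, 0x7f0000000000ULL
};

/* Old API shape: every field except mmap_offset is written. */
static void fill_old(VhostUserMemoryRegion *dst,
                     const struct vhost_memory_region *src)
{
    dst->guest_phys_addr = src->guest_phys_addr;
    dst->memory_size = src->memory_size;
    dst->userspace_addr = src->userspace_addr;
}

/* New API shape: the caller cannot call it without choosing an offset. */
static void fill_new(VhostUserMemoryRegion *dst,
                     const struct vhost_memory_region *src,
                     uint64_t mmap_offset)
{
    fill_old(dst, src);
    dst->mmap_offset = mmap_offset;
}

/* Count bytes of the outgoing message that still hold stale memory. */
static size_t stale_bytes(const VhostUserMemoryRegion *msg)
{
    const unsigned char *p = (const unsigned char *)msg;
    size_t n = 0;
    for (size_t i = 0; i < sizeof(*msg); i++) n += (p[i] == POISON);
    return n;
}

size_t leaked_bytes_old(void)
{
    VhostUserMemoryRegion msg;
    memset(&msg, POISON, sizeof(msg)); /* simulate an uninitialized struct */
    fill_old(&msg, &sample);
    return stale_bytes(&msg);
}

size_t leaked_bytes_new(void)
{
    VhostUserMemoryRegion msg;
    memset(&msg, POISON, sizeof(msg));
    fill_new(&msg, &sample, 0); /* offset not needed: send an explicit 0 */
    return stale_bytes(&msg);
}
```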