Re: [PATCH v7 04/26] monitor/i386: use debug APIs when accessing guest memory

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 07/02/2018 17:06, Brijesh Singh wrote:
>  
>      sum = 0;
>      for(addr = start; addr < (start + size); addr++) {
> -        uint8_t val = address_space_ldub(&address_space_memory, addr,
> -                                         MEMTXATTRS_UNSPECIFIED, NULL);
> +        uint8_t buf[0];
> +        uint8_t val;
> +        cpu_physical_memory_read_debug(addr, buf, 1);
> +        val = ldub_p(buf);

This is a buffer overflow on "buf".  All you need is

    cpu_physical_memory_read_debug(addr, &val, 1);

Thanks,

Paolo

>          /* BSD sum algorithm ('sum' Unix command) */
>          sum = (sum >> 1) | (sum << 15);
[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux