|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH] hvmloader: cast to avoid potential overflow in shadow_gs_test
>>> On 11.09.17 at 17:01, <wei.liu2@xxxxxxxxxx> wrote:
> On Mon, Sep 11, 2017 at 08:55:53AM -0600, Jan Beulich wrote:
>> >>> On 11.09.17 at 16:07, <wei.liu2@xxxxxxxxxx> wrote:
>> > e2fc5bb5cb4 ("hvmloader: dynamically determine scratch memory range
>> > for tests") makes the test dependent on _end. Coverity reported that
>> > the shift might overflow and suggested we cast i to uint64_t.
>> >
>> > Coverity-ID: 1417660
>> >
>> > Signed-off-by: Wei Liu <wei.liu2@xxxxxxxxxx>
>> > ---
>> > Cc: Jan Beulich <jbeulich@xxxxxxxx>
>> > Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
>> > ---
>> > tools/firmware/hvmloader/tests.c | 2 +-
>> > 1 file changed, 1 insertion(+), 1 deletion(-)
>> >
>> > diff --git a/tools/firmware/hvmloader/tests.c
>> > b/tools/firmware/hvmloader/tests.c
>> > index a70c72dffb..3c4c29a6c7 100644
>> > --- a/tools/firmware/hvmloader/tests.c
>> > +++ b/tools/firmware/hvmloader/tests.c
>> > @@ -231,7 +231,7 @@ static int shadow_gs_test(void)
>> > pd += 512;
>> > /* Level 2: */
>> > for ( i = 0; i <= (unsigned long)(_end - 1) >> (PAGE_SHIFT + 9); i++ )
>>
>> With the shift here there's no way ...
>>
>> > - *pd++ = (i << (PAGE_SHIFT + 9)) + 0x1e3;
>> > + *pd++ = ((uint64_t)i << (PAGE_SHIFT + 9)) + 0x1e3;
>>
>> ... this shift (or the add) can overflow, irrespective of the actual
>> value of _end, and with my dislike of casts I'm a little hesitant to
>> give my ack for such a tool weakness workaround.
>
> We can also mark that as false positive.
I would prefer that.
> It's you and Andrew's call.
Andrew?
Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |