i386: Change X86CPUDefinition::model_id to const char*
It is valid to have a 48-character model ID on CPUID, however the definition of X86CPUDefinition::model_id is char[48], which can make the compiler drop the null terminator from the string. If a CPU model happens to have 48 bytes on model_id, "-cpu help" will print garbage and the object_property_set_str() call at x86_cpu_load_def() will read data outside the model_id array. We could increase the array size to 49, but this would mean the compiler would not issue a warning if a 49-char string is used by mistake for model_id. To make things simpler, simply change model_id to be const char*, and validate the string length using an assert() on x86_register_cpudef_type(). Reported-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <20180109154519.25634-2-ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
This commit is contained in:
parent
c68bcb3a99
commit
807e9869b8
@ -754,7 +754,7 @@ struct X86CPUDefinition {
|
||||
int model;
|
||||
int stepping;
|
||||
FeatureWordArray features;
|
||||
char model_id[48];
|
||||
const char *model_id;
|
||||
};
|
||||
|
||||
static X86CPUDefinition builtin_x86_defs[] = {
|
||||
@ -923,6 +923,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
|
||||
.features[FEAT_1_EDX] =
|
||||
I486_FEATURES,
|
||||
.xlevel = 0,
|
||||
.model_id = "",
|
||||
},
|
||||
{
|
||||
.name = "pentium",
|
||||
@ -934,6 +935,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
|
||||
.features[FEAT_1_EDX] =
|
||||
PENTIUM_FEATURES,
|
||||
.xlevel = 0,
|
||||
.model_id = "",
|
||||
},
|
||||
{
|
||||
.name = "pentium2",
|
||||
@ -945,6 +947,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
|
||||
.features[FEAT_1_EDX] =
|
||||
PENTIUM2_FEATURES,
|
||||
.xlevel = 0,
|
||||
.model_id = "",
|
||||
},
|
||||
{
|
||||
.name = "pentium3",
|
||||
@ -956,6 +959,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
|
||||
.features[FEAT_1_EDX] =
|
||||
PENTIUM3_FEATURES,
|
||||
.xlevel = 0,
|
||||
.model_id = "",
|
||||
},
|
||||
{
|
||||
.name = "athlon",
|
||||
@ -2736,6 +2740,9 @@ static void x86_register_cpudef_type(X86CPUDefinition *def)
|
||||
* they shouldn't be set on the CPU model table.
|
||||
*/
|
||||
assert(!(def->features[FEAT_8000_0001_EDX] & CPUID_EXT2_AMD_ALIASES));
|
||||
/* catch mistakes instead of silently truncating model_id when too long */
|
||||
assert(def->model_id && strlen(def->model_id) <= 48);
|
||||
|
||||
|
||||
type_register(&ti);
|
||||
g_free(typename);
|
||||
|
Loading…
Reference in New Issue
Block a user