From: Peter Maydell <peter.maydell@linaro.org>
To: minyard@acm.org
Cc: "QEMU Developers" <qemu-devel@nongnu.org>,
"Michael S . Tsirkin" <mst@redhat.com>,
"Igor Mammedov" <imammedo@redhat.com>,
"M : Marcel Apfelbaum" <marcel.apfelbaum@gmail.com>,
"David Gibson" <david@gibson.dropbear.id.au>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Marc-André Lureau" <marcandre.lureau@redhat.com>
Subject: Re: [PATCH 12/15] ipmi: Add an SMBus IPMI interface
Date: Fri, 29 Jul 2022 17:01:23 +0100 [thread overview]
Message-ID: <CAFEAcA-GUjTKcyvPzetyHYMoGO2ijh6o8b9f1bprEup_C9Abag@mail.gmail.com> (raw)
In-Reply-To: <20220729155644.GY3834@minyard.net>
On Fri, 29 Jul 2022 at 16:56, Corey Minyard <minyard@acm.org> wrote:
>
> On Tue, Jun 28, 2022 at 05:21:44PM +0100, Peter Maydell wrote:
> > On Thu, 19 Sept 2019 at 22:39, <minyard@acm.org> wrote:
> > >
> > > From: Corey Minyard <cminyard@mvista.com>
> > >
> > > Signed-off-by: Corey Minyard <cminyard@mvista.com>
> > > ---
> >
>
> Thank you for the ping. Comments inline...
> > ...calling memcpy() with argument 1 being a pointer that points
> > one past the end of the array. Even though len will be 0 and
> > we won't memcpy() anything, this is (depending on how you choose
> > to intepret things the C standard doesn't come right out and state
> > explicitly) undefined behaviour, because memcpy() wants to be passed
> > valid pointers, even if you ask it to do no work with a zero len.
> >
> > This isn't going to be a visible bug in practical terms, but it would
> > make Coverity happy if we either (a) rejected a request with an empty
> > length or else (b) skipped the memcpy(). I don't know enough about
> > IPMI to know which is better.
>
> Hmm. In some cases you have to accept a zero-length packet (as
> described in the comments), but if you said:
>
> if (len > 0)
> memcpy(sid->inmsg + sid->inlen, buf, len);
>
> would that make Coverity happy? I was under the impression that if you
> passed zero into len, you could pass anything into the data on a memcpy.
> But apparently not; I can make this change.
Yes, putting an if() around the memcpy() will be enough to avoid
the undefined behaviour. (NB that you want braces {} on it ;-))
thanks
-- PMM
next prev parent reply other threads:[~2022-07-29 16:14 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-19 21:39 [PATCH 00/15] ipmi: Bug fixes, add new interfaces minyard
2019-09-19 21:39 ` [PATCH 01/15] ipmi: Fix watchdog NMI handling minyard
2019-09-20 15:45 ` Cédric Le Goater
2019-09-19 21:39 ` [PATCH 02/15] ipmi: Fix the get watchdog command minyard
2019-09-20 15:50 ` Cédric Le Goater
2019-09-19 21:39 ` [PATCH 03/15] ipmi: Generate an interrupt on watchdog pretimeout expiry minyard
2019-09-23 5:41 ` Cédric Le Goater
2019-09-19 21:39 ` [PATCH 04/15] tests:ipmi: Fix IPMI BT tests minyard
2019-09-19 21:39 ` [PATCH 05/15] qdev: Add a no default uuid property minyard
2019-09-23 5:47 ` Cédric Le Goater
2019-09-19 21:39 ` [PATCH 06/15] ipmi: Add a UUID device property minyard
2019-09-23 5:51 ` Cédric Le Goater
2019-09-19 21:39 ` [PATCH 07/15] ipmi: Split out KCS-specific code from ISA KCS code minyard
2019-09-19 21:39 ` [PATCH 08/15] ipmi: Split out BT-specific code from ISA BT code minyard
2019-09-19 21:39 ` [PATCH 09/15] ipmi: Allow a size value to be passed for I/O space minyard
2019-09-19 21:39 ` [PATCH 10/15] smbios:ipmi: Ignore IPMI devices with no fwinfo function minyard
2019-09-19 21:39 ` [PATCH 11/15] ipmi: Add PCI IPMI interfaces minyard
2019-09-19 21:39 ` [PATCH 12/15] ipmi: Add an SMBus IPMI interface minyard
2022-06-28 16:21 ` Peter Maydell
2022-07-29 15:34 ` Peter Maydell
2022-07-29 15:56 ` Corey Minyard
2022-07-29 16:01 ` Peter Maydell [this message]
2019-09-19 21:39 ` [PATCH 13/15] acpi: Add i2c serial bus CRS handling minyard
2019-09-19 21:39 ` [PATCH 14/15] ipmi: Fix SSIF ACPI handling to use the right CRS minyard
2019-09-19 21:39 ` [PATCH 15/15] pc: Add an SMB0 ACPI device to q35 minyard
2019-09-20 11:43 ` [PATCH 00/15] ipmi: Bug fixes, add new interfaces Paolo Bonzini
2019-09-20 12:19 ` Corey Minyard
2019-09-20 12:57 ` Peter Maydell
2019-09-20 17:36 ` Corey Minyard
2019-09-20 17:51 ` Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAFEAcA-GUjTKcyvPzetyHYMoGO2ijh6o8b9f1bprEup_C9Abag@mail.gmail.com \
--to=peter.maydell@linaro.org \
--cc=david@gibson.dropbear.id.au \
--cc=imammedo@redhat.com \
--cc=marcandre.lureau@redhat.com \
--cc=marcel.apfelbaum@gmail.com \
--cc=minyard@acm.org \
--cc=mst@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).