From: Peter Maydell <peter.maydell@linaro.org>
To: Bug 1703147 <1703147@bugs.launchpad.net>
Cc: QEMU Developers <qemu-devel@nongnu.org>
Subject: Re: [Qemu-devel] [Bug 1703147] [NEW] Xfer:features:read truncating xml sent to gdb frontends
Date: Sat, 8 Jul 2017 22:44:42 +0100
Message-ID: <CAFEAcA-6wX4CcALpNkf7dZh=YqWhx1=ox1ihQULiW42NAFZpfg@mail.gmail.com>
In-Reply-To: <149954874338.15421.5827897782818416258.malonedeb@wampee.canonical.com>

On 8 July 2017 at 22:19, Duane Voth <duanev@gmail.com> wrote:
> Around line 1326 in gdbstub.c:
>
>             if (len > (MAX_PACKET_LENGTH - 5) / 2)
>                 len = (MAX_PACKET_LENGTH - 5) / 2;
>
> is truncating processor reg description xml files longer than 2045
> bytes.  Deleting these lines works for my immediate need, but they seem
> to be trying to fix some buffer overrun condition so I won't offer a
> patch until we understand their purpose.

Those lines prevent the packet we're constructing overrunning
the buf[] array (in the worst case the packet encoding could
use 2 bytes of buffer for every byte of payload). It's probably
working for you without them because (a) the XML payload doesn't
come near the worst-case and (b) buf[] is followed on the stack
by mem_buf[] which happens to be unused here so overrunning into
it has no visible harmful effects.

Truncating the XML is clearly not what we want though so we
should do something more intelligent...

thanks
-- PMM
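An added illustration (not code from this thread or from QEMU) of the worst-case expansion Peter describes: GDB's binary packet encoding escapes certain bytes as two bytes, so a payload cap of (MAX_PACKET_LENGTH - 5) / 2 is what keeps buf[] safe. It assumes a MAX_PACKET_LENGTH of 4096 (which matches the 2045-byte figure in the report) and that the 5 reserved bytes cover the 'm' prefix and packet framing; fitting_payload_len is one hypothetical way to avoid truncating plain XML, not the fix QEMU adopted.

```c
#include <stddef.h>
#include <stdint.h>

#define MAX_PACKET_LENGTH 4096 /* assumed buf[] size; (4096 - 5) / 2 = 2045 */
#define RESERVED 5             /* assumption: 'm' prefix plus '$'...'#xx' framing */

/* GDB remote binary encoding: '#', '$', '}' and, in stub replies, '*' are
 * sent as '}' followed by the byte XOR 0x20, so one byte may need 2 bytes. */
static int needs_escape(uint8_t c)
{
    return c == '#' || c == '$' || c == '}' || c == '*';
}

/* The conservative cap applied by the lines quoted in the thread. */
size_t worst_case_cap(void)
{
    return (MAX_PACKET_LENGTH - RESERVED) / 2;
}

/* Escape len bytes of in into out (capacity cap). Returns bytes written,
 * or -1 if the escaped form would overrun out: the overrun the cap prevents. */
long gdb_escape(const uint8_t *in, size_t len, uint8_t *out, size_t cap)
{
    size_t o = 0;
    for (size_t i = 0; i < len; i++) {
        size_t need = needs_escape(in[i]) ? 2 : 1;
        if (o + need > cap) {
            return -1;
        }
        if (need == 2) {
            out[o++] = '}';
        }
        out[o++] = need == 2 ? in[i] ^ 0x20 : in[i];
    }
    return (long)o;
}

/* Exact-fit alternative (hypothetical, not the fix QEMU adopted): count how
 * many payload bytes actually fit in budget once escaped, instead of assuming
 * every byte doubles. Plain XML, which rarely needs escaping, then loses nothing. */
size_t fitting_payload_len(const uint8_t *in, size_t avail, size_t budget)
{
    size_t used = 0, n = 0;
    while (n < avail && used + (needs_escape(in[n]) ? 2 : 1) <= budget) {
        used += needs_escape(in[n]) ? 2 : 1;
        n++;
    }
    return n;
}
```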
