qemu-ppc
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] ppc/xive: Fix uint32_t overflow

From: Daniel Henrique Barboza
Subject: Re: [PATCH v2] ppc/xive: Fix uint32_t overflow
Date: Mon, 18 Sep 2023 07:32:50 -0300
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.13.0 
Queued in gitlab.com/danielhb/qemu/tree/ppc-next. Thanks,


Daniel

On 9/14/23 12:46, Cédric Le Goater wrote:

As reported by Coverity, "idx << xive->pc_shift" is evaluated using
32-bit arithmetic, and then used in a context expecting a "uint64_t".
Add a uint64_t cast.

Fixes: Coverity CID 1519049
Fixes: b68147b7a5bf ("ppc/xive: Add support for the PC MMIOs")
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Frederic Barrat <fbarrat@linux.ibm.com>
---

  v2: removed extra space after cast
hw/intc/pnv_xive.c | 2 +- 
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/intc/pnv_xive.c b/hw/intc/pnv_xive.c
index 9b10e905195a..bda3478b1f84 100644
--- a/hw/intc/pnv_xive.c
+++ b/hw/intc/pnv_xive.c
@@ -210,7 +210,7 @@ static uint64_t pnv_xive_vst_addr_remote(PnvXive *xive, 
uint32_t type,
          return 0;
      }
- remote_addr |= idx << xive->pc_shift; 
+    remote_addr |= ((uint64_t)idx) << xive->pc_shift;
vst_addr = address_space_ldq_be(&address_space_memory, remote_addr, 
                                      MEMTXATTRS_UNSPECIFIED, &result);
reply via email to
[Prev in Thread] Current Thread [Next in Thread]