|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH 4/4] x86/microcode_amd: Fail attempts to load a 0-length microcode blob.
>>> On 24.09.13 at 16:26, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx> wrote: > On 09/24/2013 09:19 AM, Jan Beulich wrote: >>>>> On 24.09.13 at 14:10, Andrew Cooper <andrew.cooper3@xxxxxxxxxx> wrote: >>> Coverity ID: 1055319 >>> >>> Coverity identified that when passed a microcode header with a length field > of >>> 0, get_ucode_from_buffer_amd() would end up calling memcpy(NULL, data, 0) >>> which is undefined behaviour. >> I think that's at least questionable: memcpy(..., 0) can hardly be >> anything but a no-op, no matter whether either of the two pointers >> in fact is a NULL one. > > I think what this patch is trying to prevent is passing NULL pointer to > memcpy, > not length being zero (if you follow the logic in > get_ucode_from_buffer_amd() you > will see that destination buffer may not be allocated when length is zero). I understand that; what I was trying to say is that it can't be other than benign if you pass NULL for at least one of the two pointers as long as 0 is being passed for the size. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |