[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 4/4] x86/microcode_amd: Fail attempts to load a 0-length microcode blob.



>>> On 24.09.13 at 16:26, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx> wrote:
> On 09/24/2013 09:19 AM, Jan Beulich wrote:
>>>>> On 24.09.13 at 14:10, Andrew Cooper <andrew.cooper3@xxxxxxxxxx> wrote:
>>> Coverity ID: 1055319
>>>
>>> Coverity identified that when passed a microcode header with a length field 
> of
>>> 0, get_ucode_from_buffer_amd() would end up calling memcpy(NULL, data, 0)
>>> which is undefined behaviour.
>> I think that's at least questionable: memcpy(..., 0) can hardly be
>> anything but a no-op, no matter whether either of the two pointers
>> in fact is a NULL one.
> 
> I think what this patch is trying to prevent is passing NULL pointer to 
> memcpy,
> not length being zero (if you follow the logic in 
> get_ucode_from_buffer_amd() you
> will see that destination buffer may not be allocated when length is zero).

I understand that; what I was trying to say is that it can't be other
than benign if you pass NULL for at least one of the two pointers
as long as 0 is being passed for the size.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.