Patchwork [v2,6/6] softmmu-semi: fix lock_user* functions not to deref NULL upon OOM

Submitter Jim Meyering
Date May 24, 2012, 2:46 p.m.
Message ID <87r4u9ab7w.fsf_-_@rho.meyering.net>
Permalink /patch/161147/
State New

Comments

Jim Meyering - May 24, 2012, 2:46 p.m.
Return NULL upon malloc failure.

Signed-off-by: Jim Meyering <meyering@redhat.com>
---
Improved based on suggestion from Peter Maydell:
Handle malloc failure rather than relying on g_malloc, since we
can't afford to let guest-provided "len" induce g_malloc's abort.

 softmmu-semi.h | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

--
1.7.10.2.565.gbd578b5

Patch

diff --git a/softmmu-semi.h b/softmmu-semi.h
index 648cb95..bcb979a 100644
--- a/softmmu-semi.h
+++ b/softmmu-semi.h
@@ -40,7 +40,7 @@  static void *softmmu_lock_user(CPUArchState *env, uint32_t addr, uint32_t len,
     uint8_t *p;
     /* TODO: Make this something that isn't fixed size.  */
     p = malloc(len);
-    if (copy)
+    if (p && copy)
         cpu_memory_rw_debug(env, addr, p, len, 0);
     return p;
 }
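
Review bot: at `p = malloc(len);` in softmmu_lock_user, a NULL result is now passed straight back to the caller, but malloc may also return NULL for len == 0, so callers cannot tell a zero-length request from allocation failure. Please document the NULL return in a comment above the function and confirm that every caller checks it before dereferencing. Since the commit message notes that len is guest-provided, an explicit upper bound on len before the allocation would be worth considering as well. Style: `if (p && copy)` is left without braces while the new check in the next hunk uses them; bracing both would keep the file consistent.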
@@ -52,6 +52,9 @@  static char *softmmu_lock_user_string(CPUArchState *env, uint32_t addr)
     uint8_t c;
     /* TODO: Make this something that isn't fixed size.  */
     s = p = malloc(1024);
+    if (!s) {
+        return NULL;
+    }
     do {
         cpu_memory_rw_debug(env, addr, &c, 1, 0);
         addr++;
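
Review bot: the loop that follows the new `if (!s)` check in softmmu_lock_user_string calls `cpu_memory_rw_debug(env, addr, &c, 1, 0);` without looking at its result, and `c` is declared without an initializer, so if that read of guest memory fails the loop goes on to use an indeterminate byte. Consider checking the call's result and failing the same way as the new OOM path (free the buffer, return NULL). The NULL return is also new behaviour for callers of this function and deserves a one-line comment above it. The remainder of the loop is not visible here, so please confirm it stops before writing past the 1024 bytes allocated.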