| Message ID | 20230828013736.18414-1-jniethe5@gmail.com |
|---|---|
| State | Superseded |
| Headers | show |
| Series | [1/3] virtio-serial: Fix invalid stack access with closed virtio device | expand |
On 28/08/2023 03.37, Jordan Niethe wrote: > When virtiodev is 0, its read method accesses beyond the end of the > stack with nip. Instead finish with 1 on the stack to mirror the > virtio-serial-getchar case and the behavior of the write method to > return successfully even with the virtio device closed. > > Fixes: 8174acd ("virtio-serial: Close device completely") > Co-developed-by: Kautuk Consul <kconsul@linux.vnet.ibm.com> > Signed-off-by: Kautuk Consul <kconsul@linux.vnet.ibm.com> > Signed-off-by: Jordan Niethe <jniethe5@gmail.com> > --- > board-qemu/slof/virtio-serial.fs | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/board-qemu/slof/virtio-serial.fs b/board-qemu/slof/virtio-serial.fs > index 82868e2..a67a310 100644 > --- a/board-qemu/slof/virtio-serial.fs > +++ b/board-qemu/slof/virtio-serial.fs > @@ -78,7 +78,7 @@ virtiodev virtio-serial-init drop > > : read ( addr len -- actual ) > 0= IF drop 0 EXIT THEN > - virtiodev 0= IF nip EXIT THEN > + virtiodev 0= IF drop 1 EXIT THEN Wouldn't 0 make more sense than 1 ? Thomas
diff --git a/board-qemu/slof/virtio-serial.fs b/board-qemu/slof/virtio-serial.fs index 82868e2..a67a310 100644 --- a/board-qemu/slof/virtio-serial.fs +++ b/board-qemu/slof/virtio-serial.fs @@ -78,7 +78,7 @@ virtiodev virtio-serial-init drop : read ( addr len -- actual ) 0= IF drop 0 EXIT THEN - virtiodev 0= IF nip EXIT THEN + virtiodev 0= IF drop 1 EXIT THEN virtiodev virtio-serial-haschar 0= IF 0 swap c! -2 EXIT THEN virtiodev virtio-serial-getchar swap c! 1 ;
When virtiodev is 0, its read method accesses beyond the end of the stack with nip. Instead finish with 1 on the stack to mirror the virtio-serial-getchar case and the behavior of the write method to return successfully even with the virtio device closed. Fixes: 8174acd ("virtio-serial: Close device completely") Co-developed-by: Kautuk Consul <kconsul@linux.vnet.ibm.com> Signed-off-by: Kautuk Consul <kconsul@linux.vnet.ibm.com> Signed-off-by: Jordan Niethe <jniethe5@gmail.com> --- board-qemu/slof/virtio-serial.fs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)