1 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
2 From: Eduardo Habkost <ehabkost@redhat.com>
3 Date: Tue, 9 Jan 2018 13:45:13 -0200
4 Subject: [PATCH] i386: Change X86CPUDefinition::model_id to const char*
5
6 It is valid to have a 48-character model ID on CPUID, however the
7 definition of X86CPUDefinition::model_id is char[48], which can
8 make the compiler drop the null terminator from the string.
9
10 If a CPU model happens to have 48 bytes on model_id, "-cpu help"
11 will print garbage and the object_property_set_str() call at
12 x86_cpu_load_def() will read data outside the model_id array.
13
14 We could increase the array size to 49, but this would mean the
15 compiler would not issue a warning if a 49-char string is used by
16 mistake for model_id.
17
18 To make things simpler, simply change model_id to be const char*,
19 and validate the string length using an assert() on
20 x86_cpu_cpudef_class_init.
21
22 Reported-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
23 Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
24 ---
25 target/i386/cpu.c | 9 ++++++++-
26 1 file changed, 8 insertions(+), 1 deletion(-)
27
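diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 3d53cb4c86..c673521016 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -753,7 +753,7 @@ struct X86CPUDefinition {
 int model;
 int stepping;
 FeatureWordArray features;
- char model_id[48];
+ const char *model_id;
 };
 
 static X86CPUDefinition builtin_x86_defs[] = {
@@ -922,6 +922,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
 .features[FEAT_1_EDX] =
 I486_FEATURES,
 .xlevel = 0,
+ .model_id = "",
 },
 {
 .name = "pentium",
@@ -933,6 +934,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
 .features[FEAT_1_EDX] =
 PENTIUM_FEATURES,
 .xlevel = 0,
+ .model_id = "",
 },
 {
 .name = "pentium2",
@@ -944,6 +946,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
 .features[FEAT_1_EDX] =
 PENTIUM2_FEATURES,
 .xlevel = 0,
+ .model_id = "",
 },
 {
 .name = "pentium3",
@@ -955,6 +958,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
 .features[FEAT_1_EDX] =
 PENTIUM3_FEATURES,
 .xlevel = 0,
+ .model_id = "",
 },
 {
 .name = "athlon",
@@ -2617,6 +2621,9 @@ static void x86_register_cpudef_type(X86CPUDefinition *def)
 * they shouldn't be set on the CPU model table.
 */
 assert(!(def->features[FEAT_8000_0001_EDX] & CPUID_EXT2_AMD_ALIASES));
+ /* catch mistakes instead of silently truncating model_id when too long */
+ assert(def->model_id && strlen(def->model_id) <= 48);
+
 
 type_register(&ti);
 g_free(typename);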
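Review bot: The bare `48` in the assert added to x86_register_cpudef_type is now the only length guard on model_id, since the field's type no longer bounds it, and nothing ties the number to the CPUID brand-string size it stands for. A named constant beside the struct would keep the limit and any consumer that copies the string in step: `#define CPUID_MODEL_ID_SZ 48` and `assert(def->model_id && strlen(def->model_id) <= CPUID_MODEL_ID_SZ);`. The pointer type also turns an omitted `.model_id` from an empty string into NULL, so a table entry not touched by this patch would abort at registration; that looks intended, and the comment above the assert could say so, e.g. `/* model_id is mandatory (use "" for none) and must fit the 48-byte CPUID brand string */`. The patch also adds a second consecutive blank line before `type_register(&ti);`, and the function body starts and ends outside the hunk.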
83 --
84 2.11.0
85