File xen.437e00fea04becc91c1b6bc1c0baa636b067a5cc.patch of Package xen
From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
<marmarek@invisiblethingslab.com>
Date: Thu, 5 Apr 2018 03:50:55 +0200
Subject: 437e00fea04becc91c1b6bc1c0baa636b067a5cc
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
tools/kdd: mute spurious gcc warning
gcc-8 complains:
kdd.c:698:13: error: 'memcpy' offset [-204, -717] is out of the bounds [0, 216] of object 'ctrl' with type 'kdd_ctrl' {aka 'union <anonymous>'} [-Werror=array-bounds]
memcpy(buf, ((uint8_t *)&ctrl.c32) + offset, len);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kdd.c: In function 'kdd_select_callback':
kdd.c:642:14: note: 'ctrl' declared here
kdd_ctrl ctrl;
^~~~
But this is impossible - 'offset' is unsigned and correctly validated
few lines before.
Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
Acked-by: Wei Liu <wei.liu2@citrix.com>
Release-Acked-by: Juergen Gross <jgross@suse.com>
---
tools/debugger/kdd/kdd.c | 3 +++
1 file changed, 3 insertions(+)
--- a/tools/debugger/kdd/kdd.c
+++ b/tools/debugger/kdd/kdd.c
@@ -686,25 +686,28 @@ static void kdd_handle_read_ctrl(kdd_state *s)
len = 0;
}
} else {
/* 32-bit control-register space starts at 0x[2]cc, for 84 bytes */
uint64_t offset = addr;
if (offset > 0x200)
offset -= 0x200;
offset -= 0xcc;
if (offset > sizeof ctrl.c32 || offset + len > sizeof ctrl.c32) {
KDD_LOG(s, "Request outside of known control space\n");
len = 0;
} else {
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Warray-bounds"
memcpy(buf, ((uint8_t *)&ctrl.c32) + offset, len);
+#pragma GCC diagnostic pop
}
}
s->txp.cmd.mem.addr = addr;
s->txp.cmd.mem.length_req = s->rxp.cmd.mem.length_req;
s->txp.cmd.mem.length_rsp = len;
s->txp.cmd.mem.status = ((len) ? KDD_STATUS_SUCCESS : KDD_STATUS_FAILURE);
kdd_send_cmd(s, KDD_CMD_READ_CTRL, len);
}
/* MSR access */
static void kdd_handle_read_msr(kdd_state *s)
