From nobody Wed Mar 22 19:44:27 2023 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Phf7M0kvnz41DPC for ; Wed, 22 Mar 2023 19:44:31 +0000 (UTC) (envelope-from jrtc27@jrtc27.com) Received: from mail-wr1-f41.google.com (mail-wr1-f41.google.com [209.85.221.41]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Phf7L5vv6z4J1r for ; Wed, 22 Mar 2023 19:44:30 +0000 (UTC) (envelope-from jrtc27@jrtc27.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-wr1-f41.google.com with SMTP id j24so9372979wrd.0 for ; Wed, 22 Mar 2023 12:44:30 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679514269; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=DPjkibs8WJKDKLhvd7zvBqeHkIy4raf9s3t9NmjL2MQ=; b=EVKOeujK74P49fI6GR26zfr22QNyrem1Ow4l/1zYxtAcK9s3oElUR0tKYj1bg2i1wr vWQiOB5IMMLkK3i4pbklr3TvioLVSj6qC8ugJpUM2hnUt4J9hB/bchB6rGEDruz1BIbU t+rBp9/9RzOAnlkG226pNC1sa1ovs7Bh/MqHxDyrM4bm3Stiyqmrwg6cLzvKXxEGyXf1 pZ0lZq0NwYs9pANZxpEsjN+uatwNY/Q91h9lE5FrmR7GdC3KhZ2qSnvMSfwOQOnO82ah QRmnrKlQPbYhfma8BW7dQcj2nHiyQBpZPkcenyUPiqrcJlsUM7yyNchmOSdvX2hwdhJI 5Zug== X-Gm-Message-State: AAQBX9fqDW5q4oQzuSKuHDd34lVi9HQ5Zx6UAD1Q2yoW/p6I0+KBb6dc LpzZkZZUF8UDt1razK1HNhRD0Q== X-Google-Smtp-Source: AKy350asrUSgrvLZM8/BBhjjrNpkzIb47flKt0HJTThsePTO/s6PdJ7vyW5WEOObiHLnK6JtWq6Ekg== X-Received: by 2002:a5d:4087:0:b0:2cf:ee3b:950 with SMTP id o7-20020a5d4087000000b002cfee3b0950mr672594wrp.54.1679514269024; Wed, 22 Mar 2023 12:44:29 -0700 (PDT) Received: from smtpclient.apple (global-5-144.n-2.net.cam.ac.uk. [131.111.5.144]) by smtp.gmail.com with ESMTPSA id f11-20020a5d4dcb000000b002cfe3f842c8sm14411811wru.56.2023.03.22.12.44.28 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 22 Mar 2023 12:44:28 -0700 (PDT) Content-Type: text/plain; charset=us-ascii List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\)) Subject: Re: git: 61482760a0ca - main - bhyve: Accept a variable-length string name for qemu_fwcfg_add_file. From: Jessica Clarke In-Reply-To: <202303221935.32MJZlHM019772@gitrepo.freebsd.org> Date: Wed, 22 Mar 2023 19:44:27 +0000 Cc: "src-committers@freebsd.org" , "dev-commits-src-all@freebsd.org" , "dev-commits-src-main@freebsd.org" Content-Transfer-Encoding: quoted-printable Message-Id: <29CA9EB9-4226-4FB0-982E-A88A8BC5ACCB@freebsd.org> References: <202303221935.32MJZlHM019772@gitrepo.freebsd.org> To: John Baldwin X-Mailer: Apple Mail (2.3696.120.41.1.1) X-Rspamd-Queue-Id: 4Phf7L5vv6z4J1r X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N On 22 Mar 2023, at 19:35, John Baldwin wrote: >=20 > The branch main has been updated by jhb: >=20 > URL: = https://cgit.FreeBSD.org/src/commit/?id=3D61482760a0ca198a9310d450133e9ac7= 92b67955 >=20 > commit 61482760a0ca198a9310d450133e9ac792b67955 > Author: John Baldwin > AuthorDate: 2023-03-22 19:34:34 +0000 > Commit: John Baldwin > CommitDate: 2023-03-22 19:34:34 +0000 >=20 > bhyve: Accept a variable-length string name for = qemu_fwcfg_add_file. >=20 > It is illegal (UB?) to pass a shorter array to a function argument > that takes a fixed-length array. Do a runtime check for names that > are too long via strlen() instead. So, without static in there (that very weird corner of the C grammar*), the size is meaningless. GCC just treats this as a convention that you meant the size to do something for the purposes of diagnostics, but not semantics, so this is in fact a known, and by design, false-positive. Jess *: void foo(int array[static N]) > Reviewed by: markj > Reported by: GCC -Wstringop-overread > Differential Revision: https://reviews.freebsd.org/D39211 > --- > usr.sbin/bhyve/qemu_fwcfg.c | 6 ++++-- > usr.sbin/bhyve/qemu_fwcfg.h | 2 +- > 2 files changed, 5 insertions(+), 3 deletions(-) >=20 > diff --git a/usr.sbin/bhyve/qemu_fwcfg.c b/usr.sbin/bhyve/qemu_fwcfg.c > index 1b0b5e3e9931..2d91213dc7c5 100644 > --- a/usr.sbin/bhyve/qemu_fwcfg.c > +++ b/usr.sbin/bhyve/qemu_fwcfg.c > @@ -261,9 +261,11 @@ qemu_fwcfg_register_port(const char *const name, = const int port, const int size, > } >=20 > int > -qemu_fwcfg_add_file(const uint8_t name[QEMU_FWCFG_MAX_NAME], > - const uint32_t size, void *const data) > +qemu_fwcfg_add_file(const char *name, const uint32_t size, void = *const data) > { > + if (strlen(name) >=3D QEMU_FWCFG_MAX_NAME) > + return (EINVAL); > + > /* > * QEMU specifies count as big endian. > * Convert it to host endian to work with it. > diff --git a/usr.sbin/bhyve/qemu_fwcfg.h b/usr.sbin/bhyve/qemu_fwcfg.h > index f59087250816..f3846d64085a 100644 > --- a/usr.sbin/bhyve/qemu_fwcfg.h > +++ b/usr.sbin/bhyve/qemu_fwcfg.h > @@ -18,6 +18,6 @@ struct qemu_fwcfg_item { > uint8_t *data; > }; >=20 > -int qemu_fwcfg_add_file(const uint8_t name[QEMU_FWCFG_MAX_NAME], > +int qemu_fwcfg_add_file(const char *name, > const uint32_t size, void *const data); > int qemu_fwcfg_init(struct vmctx *const ctx);