| Message ID | 20220719121110.225657-2-peter.maydell@linaro.org |
|---|---|
| State | Superseded |
| Headers | show |
| Series | semihosting: fix various coverity issues | expand |
On 7/19/22 17:41, Peter Maydell wrote: > The documentation comment for qemu_semihosting_console_write() says > * Returns: number of bytes written -- this should only ever be short > * on some sort of i/o error. > > and the callsites rely on this. However, the implementation code > path which sends console output to a chardev doesn't honour this, > and will return negative values on error. Bring it into line with > the other implementation codepaths and the documentation, so that > it returns 0 on error. > > Spotted by Coverity, because console_write() passes the return value > to unlock_user(), which doesn't accept a negative length. > > Resolves: Coverity CID 1490288 > Signed-off-by: Peter Maydell <peter.maydell@linaro.org> > --- > console_write() doesn't need to pass the length to unlock_user() > at all, as it happens -- see the next patch. Reviewed-by: Richard Henderson <richard.henderson@linaro.org> r~
diff --git a/semihosting/console.c b/semihosting/console.c index 5b1ec0a1c39..0f976fe8cb1 100644 --- a/semihosting/console.c +++ b/semihosting/console.c @@ -111,7 +111,8 @@ int qemu_semihosting_console_read(CPUState *cs, void *buf, int len) int qemu_semihosting_console_write(void *buf, int len) { if (console.chr) { - return qemu_chr_write_all(console.chr, (uint8_t *)buf, len); + int r = qemu_chr_write_all(console.chr, (uint8_t *)buf, len); + return r < 0 ? 0 : r; } else { return fwrite(buf, 1, len, stderr); }
The documentation comment for qemu_semihosting_console_write() says * Returns: number of bytes written -- this should only ever be short * on some sort of i/o error. and the callsites rely on this. However, the implementation code path which sends console output to a chardev doesn't honour this, and will return negative values on error. Bring it into line with the other implementation codepaths and the documentation, so that it returns 0 on error. Spotted by Coverity, because console_write() passes the return value to unlock_user(), which doesn't accept a negative length. Resolves: Coverity CID 1490288 Signed-off-by: Peter Maydell <peter.maydell@linaro.org> --- console_write() doesn't need to pass the length to unlock_user() at all, as it happens -- see the next patch. --- semihosting/console.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)