Mailing List Archive

[qemu-xen master] hw/xen/xen_pt: fix uninitialized variable
commit 8c51cd970509b97d8378d175646ec32889828158
Author: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
AuthorDate: Fri Jan 27 06:08:14 2023 +0100
Commit: Anthony PERARD <anthony.perard@citrix.com>
CommitDate: Mon Mar 27 14:26:19 2023 +0100

hw/xen/xen_pt: fix uninitialized variable

xen_pt_config_reg_init() reads only that many bytes as the size of the
register that is being initialized. It uses
xen_host_pci_get_{byte,word,long} and casts its last argument to
expected pointer type. This means for smaller registers higher bits of
'val' are not initialized. Then, the function fails if any of those
higher bits are set.

Fix this by initializing 'val' with zero.

Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
Message-Id: <20230127050815.4155276-1-marmarek@invisiblethingslab.com>
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
(cherry picked from commit 3856734d80fbf46683e4080117ed961f5ab1300b)
---
hw/xen/xen_pt_config_init.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/xen/xen_pt_config_init.c b/hw/xen/xen_pt_config_init.c
index cde898b744..8b9b554352 100644
--- a/hw/xen/xen_pt_config_init.c
+++ b/hw/xen/xen_pt_config_init.c
@@ -1924,7 +1924,7 @@ static void xen_pt_config_reg_init(XenPCIPassthroughState *s,
if (reg->init) {
uint32_t host_mask, size_mask;
unsigned int offset;
- uint32_t val;
+ uint32_t val = 0;

/* initialize emulate register */
rc = reg->init(s, reg_entry->reg,
--
generated by git-patchbot for /home/xen/git/qemu-xen.git#master