On 3/9/21 19:44, Philippe Mathieu-Daudé wrote:
Per 
https://discourse.gnome.org/t/port-your-module-from-g-memdup-to-g-memdup2-now/5538

   The old API took the size of the memory to duplicate as a guint,
   whereas most memory functions take memory sizes as a gsize. This
   made it easy to accidentally pass a gsize to g_memdup(). For large
   values, that would lead to a silent truncation of the size from 64
   to 32 bits, and result in a heap area being returned which is
   significantly smaller than what the caller expects. This can likely
   be exploited in various modules to cause a heap buffer overflow.

g_memdup() has been deprecated in GLib 2.68. Since QEMU defines
GLIB_VERSION_MAX_ALLOWED to GLIB_VERSION_2_56, the deprecation
is not displayed (on GLib >= 2.68, such as available on Fedora 34).
However the function is still unsafe, so it is better to avoid
its use.

This series provides the safe equivalent g_memdup2() wrapper,
and replaces all g_memdup() calls by it.
Philippe Mathieu-Daudé (28):
   block/qcow2-bitmap: Replace g_memdup() by g_memdup2()
   hw/hppa/machine: Replace g_memdup() by g_memdup2()
   hw/ppc/spapr_pci: Replace g_memdup() by g_memdup2()
   target/ppc: Replace g_memdup() by g_memdup2()

Thanks, patches 5, 11, 15 & 26 queued to hw-misc tree
adding the comment suggested by Eric on patch 5.
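The following is an added illustration, not code from the series, QEMU or GLib, of the size-truncation hazard the cover letter describes and of the shape of a gsize-taking replacement. The functions memdup_guint(), memdup_gsize(), old_api_alloc_size() and fits_in_guint() are hypothetical stand-ins modelled on the g_memdup() / g_memdup2() signatures; plain malloc() replaces g_malloc(), and the 4 GiB + 16 request is a constructed value chosen so that the low 32 bits read as 16.

```c
/* Added example (not QEMU's or GLib's code). The names below are
 * hypothetical stand-ins for g_memdup() (guint size) and g_memdup2()
 * (gsize size); malloc() stands in for g_malloc(). */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for the old g_memdup(): the size parameter is 32-bit like guint,
 * so a 64-bit gsize argument is silently narrowed at the call site. */
static void *memdup_guint(const void *mem, uint32_t byte_size)
{
    void *copy;

    if (mem == NULL || byte_size == 0) {
        return NULL;
    }
    copy = malloc(byte_size);
    if (copy != NULL) {
        memcpy(copy, mem, byte_size);
    }
    return copy;
}

/* Stand-in for g_memdup2(): the size parameter is size_t like gsize, so the
 * allocation is as large as the caller's own size computation. */
static void *memdup_gsize(const void *mem, size_t byte_size)
{
    void *copy;

    if (mem == NULL || byte_size == 0) {
        return NULL;
    }
    copy = malloc(byte_size);
    if (copy != NULL) {
        memcpy(copy, mem, byte_size);
    }
    return copy;
}

/* The size the guint-taking API actually allocates when handed a 64-bit
 * request: the implicit conversion keeps only the low 32 bits, with no
 * diagnostic. A later memcpy() of the full request into that buffer is the
 * heap overflow the GNOME notice warns about. */
static uint32_t old_api_alloc_size(uint64_t requested)
{
    return (uint32_t)requested;
}

/* Guard a caller can apply where a guint-sized API must still be used:
 * returns 1 if the request survives the narrowing, 0 if it would truncate. */
static int fits_in_guint(uint64_t requested)
{
    return requested <= UINT32_MAX;
}

/* Round-trip check on the gsize variant with a small constructed input. */
static int gsize_roundtrip_ok(void)
{
    const char src[] = "constructed sample";
    char *copy = memdup_gsize(src, sizeof src);
    int ok;

    if (copy == NULL) {
        return 0;
    }
    ok = memcmp(copy, src, sizeof src) == 0;
    free(copy);
    return ok && memdup_guint(src, sizeof src) != NULL;
}

int main(void)
{
    /* Constructed request: 4 GiB + 16 bytes, e.g. count * element size. */
    const uint64_t requested = 0x100000010ULL;

    printf("requested %llu bytes, guint API would allocate %u bytes\n",
           (unsigned long long)requested, old_api_alloc_size(requested));
    printf("fits in guint: %d, gsize round-trip ok: %d\n",
           fits_in_guint(requested), gsize_roundtrip_ok());
    return 0;
}
```

The point of the pair is that nothing in the guint version is wrong on its own; the defect is at the call site, where the compiler narrows a gsize without complaint. Switching every caller to the gsize-taking wrapper, as the series does, removes that narrowing rather than relying on each caller to check fits_in_guint() first.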
