On 11/27/18 7:04 AM, Greg Kurz wrote:
As explained in HACKING, the g_malloc(sizeof(T) * n) construct is unsafe
because it can't detect multiplication overflowing size_t and doesn't
allow type checking.
It appears to be used in a bunch of places though:
$ git grep -E 'malloc.*sizeof' | grep ' \* ' | wc -l
101
This series fixes the ppc target and ppc machine code. The changes are
mostly trivial. Only the mac99 and e500 machines required some more work
that should be reviewed carefully, as it was only compile-tested.
Did you do this all manually, or did you try to use Coccinelle? Hmm -
we have a Coccinelle script for this mentioned in commit b45c03f (most
recently reused in bdd81add) - but it is not yet in scripts/coccinelle/.
Maybe that would be worth doing now.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
