On 26.09.23 04:26, Alistair Francis wrote:
On Tue, Sep 26, 2023 at 6:42 AM Vladimir Sementsov-Ogievskiy
<vsement...@yandex-team.ru> wrote:

Coverity mark this size, got from the buffer as untrasted value, it's

s/untrasted/untrusted/g

will fix.


not good to use it as length when writing to file. Make the assertion
more strict to also check upper bound.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsement...@yandex-team.ru>

Reviewed-by: Alistair Francis <alistair.fran...@wdc.com>


Thanks!


---
  softmmu/device_tree.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/softmmu/device_tree.c b/softmmu/device_tree.c
index 30aa3aea9f..adc4236e21 100644
--- a/softmmu/device_tree.c
+++ b/softmmu/device_tree.c
@@ -660,7 +660,7 @@ void qmp_dumpdtb(const char *filename, Error **errp)

      size = fdt_totalsize(current_machine->fdt);

-    g_assert(size > 0);
+    g_assert(size > 0 && size <= FDT_MAX_SIZE);

      if (!g_file_set_contents(filename, current_machine->fdt, size, &err)) {
          error_setg(errp, "Error saving FDT to file %s: %s",
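
Review bot: the tightened g_assert(size > 0 && size <= FDT_MAX_SIZE) still aborts the process when the bound fails, which is a heavy response for a size the commit message describes as coming from the buffer and flagged by Coverity. qmp_dumpdtb already takes errp and uses error_setg for the g_file_set_contents failure directly below, so an out-of-range size could be reported through error_setg(errp, ...) followed by a return, failing only the QMP command. If the assertion is kept because the size is considered an internal invariant, a short comment above it saying why an oversized value cannot occur here would help the next reader.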
--
2.34.1



--
Best regards,
Vladimir

