[xen master] x86emul: always fill x86_insn_modrm()'s outputs


patchbot
commit 818ff653a7afa51e11631e4ed373f70fd45e3a21
Author:     Jan Beulich <[hidden email]>
AuthorDate: Wed Apr 19 13:25:44 2017 +0200
Commit:     Jan Beulich <[hidden email]>
CommitDate: Wed Apr 19 13:25:44 2017 +0200

    x86emul: always fill x86_insn_modrm()'s outputs
   
    The function is rather unlikely to be called for insns which don't have
    ModRM bytes, and hence addressing Coverity's recurring complaint of
    callers potentially consuming uninitialized data when they know that
    certain opcodes have ModRM bytes can be suppressed this way without
    unduly adding overhead to fast paths.
   
    Signed-off-by: Jan Beulich <[hidden email]>
    Reviewed-by: Andrew Cooper <[hidden email]>
    Release-acked-by: Julien Grall <[hidden email]>
---
 xen/arch/x86/x86_emulate/x86_emulate.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/xen/arch/x86/x86_emulate/x86_emulate.c b/xen/arch/x86/x86_emulate/x86_emulate.c
index 6f10761..c822221 100644
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -8017,8 +8017,14 @@ x86_insn_modrm(const struct x86_emulate_state *state,
 {
     check_state(state);
 
-    if ( state->modrm_mod > 3 )
+    if ( unlikely(state->modrm_mod > 3) )
+    {
+        if ( rm )
+            *rm = ~0U;
+        if ( reg )
+            *reg = ~0U;
         return -EINVAL;
+    }
 
     if ( rm )
         *rm = state->modrm_rm;
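Review bot: the `~0U` stored into `*rm` and `*reg` in the new `state->modrm_mod > 3` branch is an undocumented sentinel, so a caller reading this function cannot tell what the outputs hold when `-EINVAL` is returned. A short comment in that branch, or at the function's declaration, should state that both outputs are set to `~0U` on failure and that the return value must still be checked before either one is used, for example as a register index. A caller that ignores the return now sees a defined but out-of-range value instead of uninitialized data, which silences the analyser without making such a caller correct. A named constant for the invalid value would also make that intent easier to search for than a bare `~0U`.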
--
generated by git-patchbot for /home/xen/git/xen.git#master

_______________________________________________
Xen-changelog mailing list
[hidden email]
https://lists.xenproject.org/xen-changelog