cfn/computing-offload
Code Issues Proposed changes
79c4324644
computing-offload/generic_vdpa/qemu/bugfix-fix-some-illegal-memory-access-and-memory-lea.patch
jiangdongxu 79c4324644 add generic_vdpa basecode 
Change-Id: I2d302dda68298877c65c99147f5bf22186a59aac
2024-09-19 17:19:46 +08:00

54 lines
2.1 KiB
Diff
Raw Blame History

From 0a0a490c805fadc7191489277e77fbf9688b39ab Mon Sep 17 00:00:00 2001
From: jiangdongxu <jiangdongxu1@huawei.com>
Date: Thu, 10 Feb 2022 21:32:37 +0800
Subject: [PATCH] bugfix: fix some illegal memory access and memory leak
Signed-off-by: yuxiating <yuxiating@huawei.com>
Signed-off-by: jiangdongxu <jiangdongxu1@huawei.com>
---
contrib/elf2dmp/main.c | 1 +
hw/display/cirrus_vga.c | 2 +-
util/range.c | 1 +
3 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/contrib/elf2dmp/main.c b/contrib/elf2dmp/main.c
index 20b477d582..3f0d1eb709 100644
--- a/contrib/elf2dmp/main.c
+++ b/contrib/elf2dmp/main.c
@@ -125,6 +125,7 @@ static KDDEBUGGER_DATA64 *get_kdbg(uint64_t KernBase, struct pdb_reader *pdb,
if (va_space_rw(vs, KdDebuggerDataBlock, kdbg, kdbg_hdr.Size, 0)) {
eprintf("Failed to extract entire KDBG\n");
+ free(kdbg);
return NULL;
}
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index fdca6ca659..c66ed801ef 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -834,7 +834,7 @@ static void cirrus_bitblt_cputovideo_next(CirrusVGAState * s)
word alignment, so we keep them for the next line */
/* XXX: keep alignment to speed up transfer */
end_ptr = s->cirrus_bltbuf + s->cirrus_blt_srcpitch;
- copy_count = s->cirrus_srcptr_end - end_ptr;
+ copy_count = MIN(s->cirrus_srcptr_end - end_ptr, CIRRUS_BLTBUFSIZE);
memmove(s->cirrus_bltbuf, end_ptr, copy_count);
s->cirrus_srcptr = s->cirrus_bltbuf + copy_count;
s->cirrus_srcptr_end = s->cirrus_bltbuf + s->cirrus_blt_srcpitch;
diff --git a/util/range.c b/util/range.c
index 098d9d2dc0..83d1a6c302 100644
--- a/util/range.c
+++ b/util/range.c
@@ -65,6 +65,7 @@ GList *range_list_insert(GList *list, Range *data)
range_extend(l->data, l->next->data);
g_free(l->next->data);
new_l = g_list_delete_link(list, l->next);
+ l->next = NULL;
assert(new_l == list);
}
--
2.27.0
View Git Blame Copy Permalink