diff options
author | An-Cheng Huang <ancheng@ubnt.com> | 2011-08-09 12:32:38 -0700 |
---|---|---|
committer | Riku Voipio <riku.voipio@linaro.org> | 2011-09-09 10:47:54 +0300 |
commit | 94c19610a6973ad917d9c154eabfc2ee27bc4f59 (patch) | |
tree | 7906d81c0407a26c0c658bcb17d8f7cebe72eca9 /linux-user | |
parent | 29fb0f25303a76edb100362eaea59b6f74bdb823 (diff) | |
download | qemu-94c19610a6973ad917d9c154eabfc2ee27bc4f59.zip qemu-94c19610a6973ad917d9c154eabfc2ee27bc4f59.tar.gz qemu-94c19610a6973ad917d9c154eabfc2ee27bc4f59.tar.bz2 |
linux-user: Verify MIPS syscall arguments
On MIPS, some syscall arguments are taken from the stack. This patch adds
verification such that do_syscall() is only invoked if all arguments
have been successfully taken from the stack.
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: An-Cheng Huang <ancheng@ubnt.com>
Diffstat (limited to 'linux-user')
-rw-r--r-- | linux-user/main.c | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/linux-user/main.c b/linux-user/main.c index 3df91f3..0cc9148 100644 --- a/linux-user/main.c +++ b/linux-user/main.c @@ -2170,11 +2170,22 @@ void cpu_loop(CPUMIPSState *env) sp_reg = env->active_tc.gpr[29]; switch (nb_args) { /* these arguments are taken from the stack */ - /* FIXME - what to do if get_user() fails? */ - case 8: get_user_ual(arg8, sp_reg + 28); - case 7: get_user_ual(arg7, sp_reg + 24); - case 6: get_user_ual(arg6, sp_reg + 20); - case 5: get_user_ual(arg5, sp_reg + 16); + case 8: + if ((ret = get_user_ual(arg8, sp_reg + 28)) != 0) { + goto done_syscall; + } + case 7: + if ((ret = get_user_ual(arg7, sp_reg + 24)) != 0) { + goto done_syscall; + } + case 6: + if ((ret = get_user_ual(arg6, sp_reg + 20)) != 0) { + goto done_syscall; + } + case 5: + if ((ret = get_user_ual(arg5, sp_reg + 16)) != 0) { + goto done_syscall; + } default: break; } @@ -2185,6 +2196,7 @@ void cpu_loop(CPUMIPSState *env) env->active_tc.gpr[7], arg5, arg6, arg7, arg8); } +done_syscall: if (ret == -TARGET_QEMU_ESIGRETURN) { /* Returning from a successful sigreturn syscall. Avoid clobbering register state. */ |