From: Michael Clark <mjc@sifive.com>
Date: Mon, 19 Mar 2018 21:18:49 +0000 (-0700)
Subject: RISC-V: Fix riscv_isa_string memory size bug
X-Git-Tag: v2.12.0-rc0~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d1fd31f82219c306aed7c35c370852d2f8d331a8;p=thirdparty%2Fqemu.git

RISC-V: Fix riscv_isa_string memory size bug

This version uses a constant size memory buffer sized for
the maximum possible ISA string length. It also uses g_new
instead of g_new0, uses more efficient logic to append
extensions and adds manual zero termination of the string.

Cc: Palmer Dabbelt <palmer@sifive.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Clark <mjc@sifive.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
[PMM: Use qemu_tolower() rather than tolower()]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---

diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
index 4851890844e..9de34d70992 100644
--- a/target/riscv/cpu.c
+++ b/target/riscv/cpu.c
@@ -391,16 +391,16 @@ static const TypeInfo riscv_cpu_type_info = {
 char *riscv_isa_string(RISCVCPU *cpu)
 {
     int i;
-    size_t maxlen = 5 + ctz32(cpu->env.misa);
-    char *isa_string = g_new0(char, maxlen);
-    snprintf(isa_string, maxlen, "rv%d", TARGET_LONG_BITS);
+    const size_t maxlen = sizeof("rv128") + sizeof(riscv_exts) + 1;
+    char *isa_str = g_new(char, maxlen);
+    char *p = isa_str + snprintf(isa_str, maxlen, "rv%d", TARGET_LONG_BITS);
     for (i = 0; i < sizeof(riscv_exts); i++) {
         if (cpu->env.misa & RV(riscv_exts[i])) {
-            isa_string[strlen(isa_string)] = riscv_exts[i] - 'A' + 'a';
-
+            *p++ = qemu_tolower(riscv_exts[i]);
         }
     }
-    return isa_string;
+    *p = '\0';
+    return isa_str;
 }
 
 void riscv_cpu_list(FILE *f, fprintf_function cpu_fprintf)