On 07/02/2018 17:06, Brijesh Singh wrote:
>  
>      sum = 0;
>      for(addr = start; addr < (start + size); addr++) {
> -        uint8_t val = address_space_ldub(&address_space_memory, addr,
> -                                         MEMTXATTRS_UNSPECIFIED, NULL);
> +        uint8_t buf[0];
> +        uint8_t val;
> +        cpu_physical_memory_read_debug(addr, buf, 1);
> +        val = ldub_p(buf);

This is a buffer overflow on "buf".  All you need is

    cpu_physical_memory_read_debug(addr, &val, 1);

Thanks,

Paolo

>          /* BSD sum algorithm ('sum' Unix command) */
>          sum = (sum >> 1) | (sum << 15);
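Review bot: In the loop body, `uint8_t buf[0]` declares a zero-length array, yet the next added line, `cpu_physical_memory_read_debug(addr, buf, 1)`, writes one byte into it, so the write lands outside the array on every iteration. Drop `buf` and pass `&val` as the destination; for a single-byte read the `ldub_p(buf)` step is then unnecessary.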

