[Qemu-ppc] [PULL 20/33] target-ppc: kvm: Fix memory overflow issue about
From: Alexander Graf
Subject: [Qemu-ppc] [PULL 20/33] target-ppc: kvm: Fix memory overflow issue about strncat()
Date: Tue, 4 Nov 2014 20:26:38 +0100

From: Chen Gang <address@hidden>

strncat() will append an additional '\0' to the destination buffer, so it
needs an additional 1 byte for it, or it may cause memory overflow, just like
other areas within QEMU have done.

And we can use g_strdup_printf() instead of strncat(), which may be easier
to understand.

Signed-off-by: Chen Gang <address@hidden>
Signed-off-by: Alexander Graf <address@hidden>
---
target-ppc/kvm.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/target-ppc/kvm.c b/target-ppc/kvm.c
index 9c23c6b..6843fa0 100644
--- a/target-ppc/kvm.c
+++ b/target-ppc/kvm.c
@@ -1782,7 +1782,7 @@ static int kvmppc_find_cpu_dt(char *buf, int buf_len)
* format) */
static uint64_t kvmppc_read_int_cpu_dt(const char *propname)
{
- char buf[PATH_MAX];
+ char buf[PATH_MAX], *tmp;
union {
uint32_t v32;
uint64_t v64;
@@ -1794,10 +1794,10 @@ static uint64_t kvmppc_read_int_cpu_dt(const char
*propname)
return -1;
}
- strncat(buf, "/", sizeof(buf) - strlen(buf));
- strncat(buf, propname, sizeof(buf) - strlen(buf));
+ tmp = g_strdup_printf("%s/%s", buf, propname);
- f = fopen(buf, "rb");
+ f = fopen(tmp, "rb");
+ g_free(tmp);
if (!f) {
return -1;
}
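Review bot: g_free(tmp) runs between fopen() and the `if (!f)` test, so an errno value left by a failed fopen() may be overwritten before anything can report it. The visible failure path only returns -1, so nothing breaks today, but testing `f` first and freeing tmp on both paths would keep errno usable if error reporting is added later. It would also help to state in the commit message that the removed bound, `sizeof(buf) - strlen(buf)`, was one byte too large, since the change replaces the calls rather than adjusting the bound.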
--
1.8.1.4
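
The off-by-one described in the commit message, as an added example that is not part of the patch or of QEMU's code. The function names, buffer sizes and sample paths are constructed, dst_len is assumed smaller than bufsz, and snprintf() stands in for g_strdup_printf() so the block builds without GLib.

```c
#include <stdio.h>
#include <string.h>

/* Bytes of the destination buffer that strncat(dst, src, n) touches, counted
 * from its start: existing text + min(strlen(src), n) copied chars + '\0'. */
static size_t strncat_extent(size_t dst_len, size_t src_len, size_t n)
{
    size_t copied = src_len < n ? src_len : n;
    return dst_len + copied + 1;
}

/* Bound used by the removed lines: sizeof(buf) - strlen(buf). */
static int old_bound_overflows(size_t bufsz, size_t dst_len, size_t src_len)
{
    return strncat_extent(dst_len, src_len, bufsz - dst_len) > bufsz;
}

/* Bound that reserves the terminator: sizeof(buf) - strlen(buf) - 1. */
static int fixed_bound_overflows(size_t bufsz, size_t dst_len, size_t src_len)
{
    return strncat_extent(dst_len, src_len, bufsz - dst_len - 1) > bufsz;
}

/* Bounded join that reports truncation instead of silently cutting the path.
 * Returns 0 on success, -1 if "dir/name" does not fit in out[outsz]. */
static int join_path(char *out, size_t outsz, const char *dir, const char *name)
{
    int n = snprintf(out, outsz, "%s/%s", dir, name);
    return (n < 0 || (size_t)n >= outsz) ? -1 : 0;
}

int main(void)
{
    char small[16];
    /* Constructed case: 16-byte buffer already holding 10 characters. */
    printf("old bound, 6-char src: overflow=%d\n", old_bound_overflows(16, 10, 6));
    printf("fixed bound, 6-char src: overflow=%d\n", fixed_bound_overflows(16, 10, 6));
    printf("join fits: %d\n", join_path(small, sizeof(small), "/proc/cpu", "clock"));
    printf("join too long: %d\n", join_path(small, sizeof(small), "/proc/cpu", "timebase"));
    return 0;
}
```

With the old bound the overflow is exactly one byte, the terminator, and it only appears when the source is at least as long as the remaining space.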