[Qemu-devel] [PULL 3/5] linux-user: Don't write off end of new_utsname b
From: riku . voipio
Subject: [Qemu-devel] [PULL 3/5] linux-user: Don't write off end of new_utsname buffer
Date: Thu, 4 Aug 2016 17:15:03 +0300
From: Peter Maydell <address@hidden>
Use g_strlcpy() rather than strcpy() to copy the uname string
into the structure we return to the guest for the uname syscall.
This avoids overrunning the buffer if the user passed us an
overlong string via the QEMU command line.
We fix a comment typo while we're in the neighbourhood.
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>
---
linux-user/syscall.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 092ff4e..5bc42c0 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -9237,12 +9237,14 @@ abi_long do_syscall(void *cpu_env, int num, abi_long
arg1,
goto efault;
ret = get_errno(sys_uname(buf));
if (!is_error(ret)) {
- /* Overrite the native machine name with whatever is being
+ /* Overwrite the native machine name with whatever is being
emulated. */
strcpy (buf->machine, cpu_to_uname_machine(cpu_env));
/* Allow the user to override the reported release. */
- if (qemu_uname_release && *qemu_uname_release)
- strcpy (buf->release, qemu_uname_release);
+ if (qemu_uname_release && *qemu_uname_release) {
+ g_strlcpy(buf->release, qemu_uname_release,
+ sizeof(buf->release));
+ }
}
unlock_user_struct(buf, arg1, 1);
}
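Review bot: The unchanged context line `strcpy (buf->machine, cpu_to_uname_machine(cpu_env));` still copies into a fixed-size field of the same structure with no bound, so only one of the two copies in this block is size-checked after the patch. Even if the machine strings are all short constants today, converting it to `g_strlcpy(buf->machine, ..., sizeof(buf->machine))` in the same change would keep the two writes consistent and remove the dependency on that assumption. Separately, the return value of the new `g_strlcpy()` call is discarded, so an overlong `qemu_uname_release` is now truncated silently; g_strlcpy() returns the length of the source string, so comparing it against `sizeof(buf->release)` here, or rejecting the overlong value where the command-line option is parsed, would tell the user that the release string reported to the guest is not the one they asked for.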
--
2.1.4