Re: [Qemu-devel] [PATCH] scsi: megasas: null terminate bios version buff
From: Peter Maydell
Subject: Re: [Qemu-devel] [PATCH] scsi: megasas: null terminate bios version buffer
Date: Tue, 7 Jun 2016 12:54:05 +0100
On 7 June 2016 at 12:14, P J P <address@hidden> wrote:
> From: Prasad J Pandit <address@hidden>
>
> While reading information via 'megasas_ctrl_get_info' routine,
> a local bios version buffer isn't null terminated. Add the
> terminating null byte to avoid any OOB access.
>
> Reported-by: Li Qiang <address@hidden>
> Signed-off-by: Prasad J Pandit <address@hidden>
> ---
> hw/scsi/megasas.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
> index cc66d36..a9ffc32 100644
> --- a/hw/scsi/megasas.c
> +++ b/hw/scsi/megasas.c
> @@ -773,6 +773,7 @@ static int megasas_ctrl_get_info(MegasasState *s,
> MegasasCmd *cmd)
>
> ptr = memory_region_get_ram_ptr(&pci_dev->rom);
> memcpy(biosver, ptr + 0x41, 31);
> + biosver[31] = 0;
> memcpy(info.image_component[1].name, "BIOS", 4);
> memcpy(info.image_component[1].version, biosver,
> strlen((const char *)biosver));
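Review bot: the added `biosver[31] = 0;` and the `memcpy(biosver, ptr + 0x41, 31)` above it both hard-code the buffer length. The declaration of `biosver` is not visible in this hunk, so the new store is in bounds only if the array holds at least 32 bytes. Deriving both values from `sizeof(biosver)` (copy `sizeof(biosver) - 1` bytes, terminate at index `sizeof(biosver) - 1`) would keep the two lines consistent if the buffer is ever resized. Separately, the following copy into `info.image_component[1].version` is bounded only by `strlen((const char *)biosver)`, which is now at most 31. It would be worth confirming that the `version` field is at least that large, or clamping the length to `sizeof(info.image_component[1].version)`. The offset `0x41` would also benefit from a named constant or a short comment saying what lives at that position in the ROM.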
Reviewed-by: Peter Maydell <address@hidden>
thanks
-- PMM