qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 4/4] semihosting: Fix handling of buffer in TARGET_SYS_TMPNAM

From: Richard Henderson
Subject: Re: [PATCH 4/4] semihosting: Fix handling of buffer in TARGET_SYS_TMPNAM
Date: Sun, 24 Jul 2022 14:55:30 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0 
On 7/19/22 17:41, Peter Maydell wrote:

The TARGET_SYS_TMPNAM implementation has two bugs spotted by
Coverity:
  * confusion about whether 'len' has the length of the string
    including or excluding the terminating NUL means we
    lock_user() len bytes of memory but memcpy() len + 1 bytes
  * In the error-exit cases we forget to free() the buffer
    that asprintf() returned to us

Resolves: Coverity CID 1490285, 1490289
Signed-off-by: Peter Maydell<peter.maydell@linaro.org>
---
  semihosting/arm-compat-semi.c | 13 +++++++++++--
  1 file changed, 11 insertions(+), 2 deletions(-)


Reviewed-by: Richard Henderson <richard.henderson@linaro.org>

r~
reply via email to
[Prev in Thread] Current Thread [Next in Thread]