aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Maydell <peter.maydell@linaro.org>2016-07-12 13:02:19 +0100
committerRiku Voipio <riku.voipio@linaro.org>2016-08-04 16:35:30 +0300
commitba4b3f668abf1fcde204c8f3185ea6edeec6eaa3 (patch)
tree11ec68a1e5bf6aad9d4c73de9b00d5281baa0bf4
parentd9fe91d8689b078acfd27bc7c4a4e1efd5bbcf65 (diff)
downloadqemu-ba4b3f668abf1fcde204c8f3185ea6edeec6eaa3.zip
qemu-ba4b3f668abf1fcde204c8f3185ea6edeec6eaa3.tar.gz
qemu-ba4b3f668abf1fcde204c8f3185ea6edeec6eaa3.tar.bz2
linux-user: Fix memchr() argument in open_self_cmdline()
In open_self_cmdline() we look for a 0 in the buffer we read from /prc/self/cmdline. We were incorrectly passing the length of our buf[] array to memchr() as the length to search, rather than the number of bytes we actually read into it, which could be shorter. This was spotted by Coverity (because it could result in our trying to pass a negative length argument to write()). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
-rw-r--r--linux-user/syscall.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index ca6a2b4..092ff4e 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -6856,7 +6856,7 @@ static int open_self_cmdline(void *cpu_env, int fd)
if (!word_skipped) {
/* Skip the first string, which is the path to qemu-*-static
instead of the actual command. */
- cp_buf = memchr(buf, 0, sizeof(buf));
+ cp_buf = memchr(buf, 0, nb_read);
if (cp_buf) {
/* Null byte found, skip one string */
cp_buf++;