From 7722837369eb1c7e808021d79da68afa0c01c26f Mon Sep 17 00:00:00 2001
From: Halil Pasic <pasic@linux.ibm.com>
Date: Fri, 20 Mar 2020 15:31:01 +0100
Subject: s390/ipl: fix off-by-one in update_machine_ipl_properties()

In update_machine_ipl_properties() the array ascii_loadparm needs to
hold the 8 char loadparm and a string terminating zero char.

Let's increase the size of ascii_loadparm accordingly.

Signed-off-by: Halil Pasic <pasic@linux.ibm.com>
Fixes: 0a01e082a428 ("s390/ipl: sync back loadparm")
Fixes: Coverity CID 1421966
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20200320143101.41764-1-pasic@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
---
 hw/s390x/ipl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'hw/s390x')

diff --git a/hw/s390x/ipl.c b/hw/s390x/ipl.c
index b81942e..8c3e019 100644
--- a/hw/s390x/ipl.c
+++ b/hw/s390x/ipl.c
@@ -546,7 +546,7 @@ static void update_machine_ipl_properties(IplParameterBlock *iplb)
     /* Sync loadparm */
     if (iplb->flags & DIAG308_FLAGS_LP_VALID) {
         uint8_t *ebcdic_loadparm = iplb->loadparm;
-        char ascii_loadparm[8];
+        char ascii_loadparm[9];
         int i;
 
         for (i = 0; i < 8 && ebcdic_loadparm[i]; i++) {
-- 
cgit v1.1