Commit 0e0d2d62 authored by Markus Armbruster's avatar Markus Armbruster Committed by Blue Swirl
Browse files

sun4: Fix unchecked strdup() by switching to fw_cfg_add_string() 



Signed-off-by: default avatarMarkus Armbruster <armbru@redhat.com>
Signed-off-by: default avatarBlue Swirl <blauwirbel@gmail.com>
parent 96f80586

hw/sun4m.c

+3 −9
Original line number Diff line number Diff line
@@ -1030,9 +1030,7 @@ static void sun4m_hw_init(const struct sun4m_hwdef *hwdef, ram_addr_t RAM_size, 
    if (kernel_cmdline) {

        fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_CMDLINE, CMDLINE_ADDR);

        pstrcpy_targphys("cmdline", CMDLINE_ADDR, TARGET_PAGE_SIZE, kernel_cmdline);

        fw_cfg_add_bytes(fw_cfg, FW_CFG_CMDLINE_DATA,

                         (uint8_t*)strdup(kernel_cmdline),

                         strlen(kernel_cmdline) + 1);

        fw_cfg_add_string(fw_cfg, FW_CFG_CMDLINE_DATA, kernel_cmdline);

        fw_cfg_add_i32(fw_cfg, FW_CFG_CMDLINE_SIZE,

                       strlen(kernel_cmdline) + 1);

    } else {
@@ -1676,9 +1674,7 @@ static void sun4d_hw_init(const struct sun4d_hwdef *hwdef, ram_addr_t RAM_size, 
    if (kernel_cmdline) {

        fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_CMDLINE, CMDLINE_ADDR);

        pstrcpy_targphys("cmdline", CMDLINE_ADDR, TARGET_PAGE_SIZE, kernel_cmdline);

        fw_cfg_add_bytes(fw_cfg, FW_CFG_CMDLINE_DATA,

                         (uint8_t*)strdup(kernel_cmdline),

                         strlen(kernel_cmdline) + 1);

        fw_cfg_add_string(fw_cfg, FW_CFG_CMDLINE_DATA, kernel_cmdline);

    } else {

        fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_CMDLINE, 0);

    }
@@ -1878,9 +1874,7 @@ static void sun4c_hw_init(const struct sun4c_hwdef *hwdef, ram_addr_t RAM_size, 
    if (kernel_cmdline) {

        fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_CMDLINE, CMDLINE_ADDR);

        pstrcpy_targphys("cmdline", CMDLINE_ADDR, TARGET_PAGE_SIZE, kernel_cmdline);

        fw_cfg_add_bytes(fw_cfg, FW_CFG_CMDLINE_DATA,

                         (uint8_t*)strdup(kernel_cmdline),

                         strlen(kernel_cmdline) + 1);

        fw_cfg_add_string(fw_cfg, FW_CFG_CMDLINE_DATA, kernel_cmdline);

    } else {

        fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_CMDLINE, 0);

    }

hw/sun4u.c

+1 −3
Original line number Diff line number Diff line
@@ -886,9 +886,7 @@ static void sun4uv_init(MemoryRegion *address_space_mem, 
    if (kernel_cmdline) {

        fw_cfg_add_i32(fw_cfg, FW_CFG_CMDLINE_SIZE,

                       strlen(kernel_cmdline) + 1);

        fw_cfg_add_bytes(fw_cfg, FW_CFG_CMDLINE_DATA,

                         (uint8_t*)strdup(kernel_cmdline),

                         strlen(kernel_cmdline) + 1);

        fw_cfg_add_string(fw_cfg, FW_CFG_CMDLINE_DATA, kernel_cmdline);

    } else {

        fw_cfg_add_i32(fw_cfg, FW_CFG_CMDLINE_SIZE, 0);

    }