diff options
author | Richard Henderson <richard.henderson@linaro.org> | 2022-04-27 21:06:58 -0700 |
---|---|---|
committer | Richard Henderson <richard.henderson@linaro.org> | 2022-06-28 04:35:06 +0530 |
commit | 3d5e2b4f26e077e9a8fd94659a1ce2dd49c134b7 (patch) | |
tree | 333971b2cfe01a404d37c3d17e385775e50f803f | |
parent | 5f9ca6f3c5111fadb0b1e76755ceaf738a98db4c (diff) |
semihosting: Simplify softmmu_lock_user_string
We are not currently bounding the search to the 1024 bytes
that we allocated, possibly overrunning the buffer.
Use softmmu_strlen_user to find the length and allocate the
correct size from the beginning.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
-rw-r--r-- | semihosting/uaccess.c | 15 |
1 files changed, 3 insertions, 12 deletions
diff --git a/semihosting/uaccess.c b/semihosting/uaccess.c index d6997e3c65..8018828069 100644 --- a/semihosting/uaccess.c +++ b/semihosting/uaccess.c @@ -74,20 +74,11 @@ ssize_t softmmu_strlen_user(CPUArchState *env, target_ulong addr) char *softmmu_lock_user_string(CPUArchState *env, target_ulong addr) { - /* TODO: Make this something that isn't fixed size. */ - char *s = malloc(1024); - size_t len = 0; - - if (!s) { + ssize_t len = softmmu_strlen_user(env, addr); + if (len < 0) { return NULL; } - do { - if (cpu_memory_rw_debug(env_cpu(env), addr++, s + len, 1, 0)) { - free(s); - return NULL; - } - } while (s[len++]); - return s; + return softmmu_lock_user(env, addr, len + 1, true); } void softmmu_unlock_user(CPUArchState *env, void *p, |