authorPeter Maydell <peter.maydell@linaro.org>2016-07-12 13:02:16 +0100
committerRiku Voipio <riku.voipio@linaro.org>2016-08-04 16:36:26 +0300
commit332c9781f6a7c496adf605a1be72776598c7adc2 (patch)
tree87817914c04fd6135a714602e01bbb1cb2f690bd
parentba4b3f668abf1fcde204c8f3185ea6edeec6eaa3 (diff)
linux-user: Don't write off end of new_utsname buffer
Use g_strlcpy() rather than strcpy() to copy the uname string into the structure we return to the guest for the uname syscall. This avoids overrunning the buffer if the user passed us an overlong string via the QEMU command line. We fix a comment typo while we're in the neighbourhood. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
-rw-r--r--linux-user/syscall.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 092ff4ee21..5bc42c017e 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -9237,12 +9237,14 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
goto efault;
ret = get_errno(sys_uname(buf));
if (!is_error(ret)) {
- /* Overrite the native machine name with whatever is being
+ /* Overwrite the native machine name with whatever is being
emulated. */
strcpy (buf->machine, cpu_to_uname_machine(cpu_env));
/* Allow the user to override the reported release. */
- if (qemu_uname_release && *qemu_uname_release)
- strcpy (buf->release, qemu_uname_release);
+ if (qemu_uname_release && *qemu_uname_release) {
+ g_strlcpy(buf->release, qemu_uname_release,
+ sizeof(buf->release));
+ }
}
unlock_user_struct(buf, arg1, 1);
}
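Review bot: The copy into `buf->machine` just above the changed lines is still an unbounded `strcpy`, so the two writes into the structure returned to the guest now follow different rules. The value returned by `cpu_to_uname_machine()` is not visible in this hunk and is presumably a short built-in string, but bounding it the same way costs nothing: `g_strlcpy(buf->machine, cpu_to_uname_machine(cpu_env), sizeof(buf->machine));`. Separately, the new `g_strlcpy` call truncates an overlong `qemu_uname_release` silently; since it returns the source length, a comparison against `sizeof(buf->release)` would let this be reported, though rejecting the string where the command-line option is parsed is probably the better place. The enclosing `do_syscall` case starts and ends outside the hunk.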