diff options
Diffstat (limited to 'hw')
| -rw-r--r-- | hw/sun4m.c | 15 | ||||
| -rw-r--r-- | hw/sun4u.c | 15 | ||||
| -rw-r--r-- | hw/usb-net.c | 8 | ||||
| -rw-r--r-- | hw/vga.c | 8 |
4 files changed, 28 insertions, 18 deletions
diff --git a/hw/sun4m.c b/hw/sun4m.c index 33abf0101c..21f88993a2 100644 --- a/hw/sun4m.c +++ b/hw/sun4m.c @@ -159,7 +159,8 @@ static int nvram_boot_set(void *opaque, const char *boot_device) for (i = 0; i < sizeof(image); i++) image[i] = m48t59_read(nvram, i) & 0xff; - strcpy((char *)header->boot_devices, boot_device); + pstrcpy((char *)header->boot_devices, sizeof(header->boot_devices), + boot_device); header->nboot_devices = strlen(boot_device) & 0xff; header->crc = cpu_to_be16(OHW_compute_crc(header, 0x00, 0xF8)); @@ -187,17 +188,19 @@ static void nvram_init(m48t59_t *nvram, uint8_t *macaddr, const char *cmdline, memset(image, '\0', sizeof(image)); // Try to match PPC NVRAM - strcpy((char *)header->struct_ident, "QEMU_BIOS"); + pstrcpy((char *)header->struct_ident, sizeof(header->struct_ident), + "QEMU_BIOS"); header->struct_version = cpu_to_be32(3); /* structure v3 */ header->nvram_size = cpu_to_be16(0x2000); header->nvram_arch_ptr = cpu_to_be16(sizeof(ohwcfg_v3_t)); header->nvram_arch_size = cpu_to_be16(sizeof(struct sparc_arch_cfg)); - strcpy((char *)header->arch, arch); + pstrcpy((char *)header->arch, sizeof(header->arch), arch); header->nb_cpus = smp_cpus & 0xff; header->RAM0_base = 0; header->RAM0_size = cpu_to_be64((uint64_t)RAM_size); - strcpy((char *)header->boot_devices, boot_devices); + pstrcpy((char *)header->boot_devices, sizeof(header->boot_devices), + boot_devices); header->nboot_devices = strlen(boot_devices) & 0xff; header->kernel_image = cpu_to_be64((uint64_t)KERNEL_LOAD_ADDR); header->kernel_size = cpu_to_be64((uint64_t)kernel_size); @@ -225,7 +228,7 @@ static void nvram_init(m48t59_t *nvram, uint8_t *macaddr, const char *cmdline, // Variable partition part_header = (struct OpenBIOS_nvpart_v1 *)&image[start]; part_header->signature = OPENBIOS_PART_SYSTEM; - strcpy(part_header->name, "system"); + pstrcpy(part_header->name, sizeof(part_header->name), "system"); end = start + sizeof(struct OpenBIOS_nvpart_v1); for (i = 0; i < nb_prom_envs; i++) @@ -241,7 +244,7 @@ static void nvram_init(m48t59_t *nvram, uint8_t *macaddr, const char *cmdline, start = end; part_header = (struct OpenBIOS_nvpart_v1 *)&image[start]; part_header->signature = OPENBIOS_PART_FREE; - strcpy(part_header->name, "free"); + pstrcpy(part_header->name, sizeof(part_header->name), "free"); end = 0x1fd0; OpenBIOS_finish_partition(part_header, end - start); diff --git a/hw/sun4u.c b/hw/sun4u.c index 71b5c792e4..42a765d11c 100644 --- a/hw/sun4u.c +++ b/hw/sun4u.c @@ -82,7 +82,8 @@ static int nvram_boot_set(void *opaque, const char *boot_device) for (i = 0; i < sizeof(image); i++) image[i] = m48t59_read(nvram, i) & 0xff; - strcpy((char *)header->boot_devices, boot_device); + pstrcpy((char *)header->boot_devices, sizeof(header->boot_devices), + boot_device); header->nboot_devices = strlen(boot_device) & 0xff; header->crc = cpu_to_be16(OHW_compute_crc(header, 0x00, 0xF8)); @@ -115,17 +116,19 @@ static int sun4u_NVRAM_set_params (m48t59_t *nvram, uint16_t NVRAM_size, memset(image, '\0', sizeof(image)); // Try to match PPC NVRAM - strcpy((char *)header->struct_ident, "QEMU_BIOS"); + pstrcpy((char *)header->struct_ident, sizeof(header->struct_ident), + "QEMU_BIOS"); header->struct_version = cpu_to_be32(3); /* structure v3 */ header->nvram_size = cpu_to_be16(NVRAM_size); header->nvram_arch_ptr = cpu_to_be16(sizeof(ohwcfg_v3_t)); header->nvram_arch_size = cpu_to_be16(sizeof(struct sparc_arch_cfg)); - strcpy((char *)header->arch, arch); + pstrcpy((char *)header->arch, sizeof(header->arch), arch); header->nb_cpus = smp_cpus & 0xff; header->RAM0_base = 0; header->RAM0_size = cpu_to_be64((uint64_t)RAM_size); - strcpy((char *)header->boot_devices, boot_devices); + pstrcpy((char *)header->boot_devices, sizeof(header->boot_devices), + boot_devices); header->nboot_devices = strlen(boot_devices) & 0xff; header->kernel_image = cpu_to_be64((uint64_t)kernel_image); header->kernel_size = cpu_to_be64((uint64_t)kernel_size); @@ -156,7 +159,7 @@ static int sun4u_NVRAM_set_params (m48t59_t *nvram, uint16_t NVRAM_size, // Variable partition part_header = (struct OpenBIOS_nvpart_v1 *)&image[start]; part_header->signature = OPENBIOS_PART_SYSTEM; - strcpy(part_header->name, "system"); + pstrcpy(part_header->name, sizeof(part_header->name), "system"); end = start + sizeof(struct OpenBIOS_nvpart_v1); for (i = 0; i < nb_prom_envs; i++) @@ -172,7 +175,7 @@ static int sun4u_NVRAM_set_params (m48t59_t *nvram, uint16_t NVRAM_size, start = end; part_header = (struct OpenBIOS_nvpart_v1 *)&image[start]; part_header->signature = OPENBIOS_PART_FREE; - strcpy(part_header->name, "free"); + pstrcpy(part_header->name, sizeof(part_header->name), "free"); end = 0x1fd0; OpenBIOS_finish_partition(part_header, end - start); diff --git a/hw/usb-net.c b/hw/usb-net.c index 7c25f3d10f..27dea109ef 100644 --- a/hw/usb-net.c +++ b/hw/usb-net.c @@ -625,7 +625,8 @@ typedef struct USBNetState { } USBNetState; static int ndis_query(USBNetState *s, uint32_t oid, - uint8_t *inbuf, unsigned int inlen, uint8_t *outbuf) + uint8_t *inbuf, unsigned int inlen, uint8_t *outbuf, + size_t outlen) { unsigned int i, count; @@ -680,7 +681,7 @@ static int ndis_query(USBNetState *s, uint32_t oid, /* mandatory */ case OID_GEN_VENDOR_DESCRIPTION: - strcpy(outbuf, "QEMU USB RNDIS Net"); + pstrcpy(outbuf, outlen, "QEMU USB RNDIS Net"); return strlen(outbuf) + 1; case OID_GEN_VENDOR_DRIVER_VERSION: @@ -882,7 +883,8 @@ static int rndis_query_response(USBNetState *s, return USB_RET_STALL; infobuflen = ndis_query(s, le32_to_cpu(buf->OID), - bufoffs + (uint8_t *) buf, buflen, infobuf); + bufoffs + (uint8_t *) buf, buflen, infobuf, + sizeof(infobuf)); resplen = sizeof(rndis_query_cmplt_type) + ((infobuflen < 0) ? 0 : infobuflen); resp = rndis_queue_response(s, resplen); @@ -1726,7 +1726,8 @@ static void vga_update_text(void *opaque, console_ch_t *chardata) if (!full_update) return; - sprintf(msg_buffer, "%i x %i Text mode", width, height); + snprintf(msg_buffer, sizeof(msg_buffer), "%i x %i Text mode", + width, height); break; } @@ -1799,14 +1800,15 @@ static void vga_update_text(void *opaque, console_ch_t *chardata) return; s->get_resolution(s, &width, &height); - sprintf(msg_buffer, "%i x %i Graphic mode", width, height); + snprintf(msg_buffer, sizeof(msg_buffer), "%i x %i Graphic mode", + width, height); break; case GMODE_BLANK: default: if (!full_update) return; - sprintf(msg_buffer, "VGA Blank mode"); + snprintf(msg_buffer, sizeof(msg_buffer), "VGA Blank mode"); break; } |