s390x/s390-virtio-ccw: fix off-by-one in loadparm getter
authorHalil Pasic <pasic@linux.ibm.com>
Thu, 30 Jul 2020 13:01:56 +0000 (15:01 +0200)
committerCornelia Huck <cohuck@redhat.com>
Thu, 30 Jul 2020 14:53:34 +0000 (16:53 +0200)
commit148d25e0f6ad1dc3bd6aace092d65262d4217ec6
tree15e6ed3e53d141379516d66acc46b3d615a32b6d
parent5772f2b1fc5d00e7e04e01fa28e9081d6550440a
s390x/s390-virtio-ccw: fix off-by-one in loadparm getter

As pointed out by Peter, g_memdup(ms->loadparm, sizeof(ms->loadparm) + 1)
reads one past of the end of ms->loadparm, so g_memdup() can not be used
here.

Let's use g_strndup instead!

Fixes: d6645483285f ("s390x/s390-virtio-ccw: fix loadparm property getter")
Fixes: Coverity CID 1431058
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Halil Pasic <pasic@linux.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20200730130156.35063-1-pasic@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
hw/s390x/s390-virtio-ccw.c