semihosting: Simplify softmmu_lock_user_string
We are not currently bounding the search to the 1024 bytes that we allocated, possibly overrunning the buffer. Use softmmu_strlen_user to find the length and allocate the correct size from the beginning. Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
parent
5f9ca6f3c5
commit
3d5e2b4f26
@ -74,20 +74,11 @@ ssize_t softmmu_strlen_user(CPUArchState *env, target_ulong addr)
|
|||||||
|
|
||||||
char *softmmu_lock_user_string(CPUArchState *env, target_ulong addr)
|
char *softmmu_lock_user_string(CPUArchState *env, target_ulong addr)
|
||||||
{
|
{
|
||||||
/* TODO: Make this something that isn't fixed size. */
|
ssize_t len = softmmu_strlen_user(env, addr);
|
||||||
char *s = malloc(1024);
|
if (len < 0) {
|
||||||
size_t len = 0;
|
|
||||||
|
|
||||||
if (!s) {
|
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
do {
|
return softmmu_lock_user(env, addr, len + 1, true);
|
||||||
if (cpu_memory_rw_debug(env_cpu(env), addr++, s + len, 1, 0)) {
|
|
||||||
free(s);
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
} while (s[len++]);
|
|
||||||
return s;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void softmmu_unlock_user(CPUArchState *env, void *p,
|
void softmmu_unlock_user(CPUArchState *env, void *p,
|
||||||
|
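Review bot: The new body of `softmmu_lock_user_string` measures the string with `softmmu_strlen_user` and then copies `len + 1` bytes in a second pass, so if guest memory can change between the two reads (for example from another vCPU) the returned buffer is not guaranteed to contain a NUL, and callers that treat it as a C string could read past the allocation. Whether that window is reachable depends on how semihosting calls are serialised, which is not visible in this hunk. Forcing the terminator after the copy would remove the dependency on the first pass: `char *s = softmmu_lock_user(env, addr, len + 1, true);`, `if (s) { s[len] = '\0'; }`, `return s;`. A one-line comment stating that `len` is guest-controlled, and where any upper bound on it is enforced, would also help, since the host allocation size now follows the guest string length.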