qemu_smbios_type11_opts did not the list terminator and that resulted in
out-of-bound memory access. qemu_smbios_type11_opts also needs to have
an element for the type option.
Fixes: 2d6dcbf93fb0 ("smbios: support setting OEM strings table")
Signed-off-by: Akihiko Odaki <akihiko.od...@daynix.com>
---
hw/smbios/smbios.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/hw/smbios/smbios.c b/hw/smbios/smbios.c
index 2a90601ac5d9..522ed1ed9fe3 100644
--- a/hw/smbios/smbios.c
+++ b/hw/smbios/smbios.c
@@ -369,6 +369,11 @@ static const QemuOptDesc qemu_smbios_type8_opts[] = {
};
static const QemuOptDesc qemu_smbios_type11_opts[] = {
+ {
+ .name = "type",
+ .type = QEMU_OPT_NUMBER,
+ .help = "SMBIOS element type",
+ },
{
.name = "value",
.type = QEMU_OPT_STRING,
@@ -379,6 +384,7 @@ static const QemuOptDesc qemu_smbios_type11_opts[] = {
.type = QEMU_OPT_STRING,
.help = "OEM string data from file",
},
+ { /* end of list */ }
};
static const QemuOptDesc qemu_smbios_type17_opts[] = {
--
2.43.0
