28.01.2024 10:15, Akihiko Odaki:
qemu_smbios_type11_opts did not the list terminator and that resulted in
..did not *have* the list terminator.., here and in 2/2.
out-of-bound memory access. qemu_smbios_type11_opts also needs to have
an element for the type option.
Fixes: 2d6dcbf93fb0 ("smbios: support setting OEM strings table")
Wow. That's long ago..
This is a -stable material.
And since it's exactly the same 2 problems in 2 nearby places, it can
be combined into a single patch, but it definitely works this way too,
just a question of taste.
Reviewed-by: Michael Tokarev <m...@tls.msk.ru>
Signed-off-by: Akihiko Odaki <akihiko.od...@daynix.com>
---
hw/smbios/smbios.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/hw/smbios/smbios.c b/hw/smbios/smbios.c
index 2a90601ac5d9..522ed1ed9fe3 100644
--- a/hw/smbios/smbios.c
+++ b/hw/smbios/smbios.c
@@ -369,6 +369,11 @@ static const QemuOptDesc qemu_smbios_type8_opts[] = {
};
static const QemuOptDesc qemu_smbios_type11_opts[] = {
+ {
+ .name = "type",
+ .type = QEMU_OPT_NUMBER,
+ .help = "SMBIOS element type",
+ },
{
.name = "value",
.type = QEMU_OPT_STRING,
@@ -379,6 +384,7 @@ static const QemuOptDesc qemu_smbios_type11_opts[] = {
.type = QEMU_OPT_STRING,
.help = "OEM string data from file",
},
+ { /* end of list */ }
};
static const QemuOptDesc qemu_smbios_type17_opts[] = {
