CC qemu-stable - this needs cherry-picking into all active stable
branches once accepted.
On Mon, Mar 24, 2025 at 09:12:53AM +0000, Daniel P. Berrangé wrote:
> On Sun, Mar 23, 2025 at 10:35:54PM +0100, Daan De Meyer wrote:
> > We have to make sure the array of bytes read from the path= file
> > is null-terminated, otherwise we run into a buffer overrun later on.
> >
> > Fixes: bb99f4772f54017490e3356ecbb3df25c5d4537f ("hw/smbios: support
> > loading OEM strings values from a file")
> > Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2879
> >
> > Signed-off-by: Daan De Meyer <[email protected]>
> > ---
> > hw/smbios/smbios.c | 3 +++
> > 1 file changed, 3 insertions(+)
> >
> > diff --git a/hw/smbios/smbios.c b/hw/smbios/smbios.c
> > index 02a09eb9cd..ad4cd6721e 100644
> > --- a/hw/smbios/smbios.c
> > +++ b/hw/smbios/smbios.c
> > @@ -1285,6 +1285,9 @@ static int save_opt_one(void *opaque,
> > g_byte_array_append(data, (guint8 *)buf, ret);
> > }
> >
> > + buf[0] = '\0';
> > + g_byte_array_append(data, (guint8 *)buf, 1);
> > +
> > qemu_close(fd);
> >
> > *opt->dest = g_renew(char *, *opt->dest, (*opt->ndest) + 1);
>
> Reviewed-by: Daniel P. Berrangé <[email protected]>
>
> With regards,
> Daniel
> --
> |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
> |: https://libvirt.org -o- https://fstop138.berrange.com :|
> |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
>
>
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
