On Wed, Feb 16, 2011 at 12:23 PM, M. Mohan Kumar <mo...@in.ibm.com> wrote: > +/* Helper routine to fill V9fsFileObjectRequest structure */ > +static void fill_request(V9fsFileObjectRequest *request, const char *path, > + FsCred *credp) > +{ > + memset(request, 0, sizeof(*request)); > + request->data.path_len = strlen(path); > + strcpy(request->path.path, (path));
It's not obvious that this strcpy() is safe. I tried following this back into hw/virtio-9p.c and I don't see an explicit PATH_MAX length limit for path. Stefan