[8/8] linux-user: Fix memchr() argument in open_self_cmdline()

Message ID 1468324939-12221-9-git-send-email-peter.maydell@linaro.org (mailing list archive)
State New, archived

Commit Message

Peter Maydell July 12, 2016, 12:02 p.m. UTC
In open_self_cmdline() we look for a 0 in the buffer we read
from /proc/self/cmdline. We were incorrectly passing the length
of our buf[] array to memchr() as the length to search, rather
than the number of bytes we actually read into it, which could
be shorter. This was spotted by Coverity (because it could
result in our trying to pass a negative length argument to
write()).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 linux-user/syscall.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Patch

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index f849a5d..9dbd711 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -6530,7 +6530,7 @@  static int open_self_cmdline(void *cpu_env, int fd)
         if (!word_skipped) {
             /* Skip the first string, which is the path to qemu-*-static
                instead of the actual command. */
-            cp_buf = memchr(buf, 0, sizeof(buf));
+            cp_buf = memchr(buf, 0, nb_read);
             if (cp_buf) {
                 /* Null byte found, skip one string */
                 cp_buf++;
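
Review bot: memchr() takes a size_t length, so in the changed line "cp_buf = memchr(buf, 0, nb_read);" a negative nb_read would be converted to a very large value and the search would run past the end of buf. The hunk does not show the read call or any check on its result, so please confirm that the error and end-of-file cases are handled before this point, and consider a short comment or assertion stating that nb_read > 0 here to make the invariant explicit. Since the commit message cites a negative length reaching write(), it is also worth confirming that the length computed after "cp_buf++" is derived from nb_read rather than sizeof(buf), including the case where the null byte is the last byte read and nothing remains to write.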