buffer overflow fix

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@932 c046a42c-6fe2-441c-8c8c-71466251a162

buffer overflow fix
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@932 c046a42c-6fe2-441c-8c8c-71466251a162
eba2af63 · bellard · 95ce326e · eba2af63 · eba2af63 · eba2af63
隐藏空白更改
内联并排

Showing with 3 addition and 3 deletion

block.c block.c +1 -1

linux-user/elfload.c linux-user/elfload.c +1 -1

target-i386/helper2.c target-i386/helper2.c +1 -1

未找到文件。
--- a/block.c
+++ b/block.c
@@ -92,7 +92,7 @@ int bdrv_open(BlockDriverState *bs, const char *filename, int snapshot)
    bs->fd = -1;
    bs->cow_fd = -1;
    bs->cow_bitmap = NULL;
-    strcpy(bs->filename, filename);
+    pstrcpy(bs->filename, sizeof(bs->filename), filename);

    /* open standard HD image */
 #ifdef _WIN32

--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -1067,7 +1067,7 @@ static int load_elf_binary(struct linux_binprm * bprm, struct target_pt_regs * r
 	char * passed_p;

 	if (interpreter_type == INTERPRETER_AOUT) {
-	    sprintf(passed_fileno, "%d", bprm->fd);
+	    snprintf(passed_fileno, sizeof(passed_fileno), "%d", bprm->fd);
 	    passed_p = passed_fileno;

 	    if (elf_interpreter) {

--- a/target-i386/helper2.c
+++ b/target-i386/helper2.c
@@ -212,7 +212,7 @@ void cpu_x86_dump_state(CPUX86State *env, FILE *f, int flags)
    
    if (flags & X86_DUMP_CCOP) {
        if ((unsigned)env->cc_op < CC_OP_NB)
-            strcpy(cc_op_name, cc_op_str[env->cc_op]);
+            snprintf(cc_op_name, sizeof(cc_op_name), "%s", cc_op_str[env->cc_op]);
        else
            snprintf(cc_op_name, sizeof(cc_op_name), "[%d]", env->cc_op);
        fprintf(f, "CCS=%08x CCD=%08x CCO=%-8s\n",