git.ipfire.org Git - thirdparty/qemu.git/commit

author	Laszlo Ersek <lersek@redhat.com>
	Wed, 17 Jun 2015 12:45:03 +0000 (14:45 +0200)
committer	Michael Roth <mdroth@linux.vnet.ibm.com>
	Wed, 29 Jul 2015 23:41:25 +0000 (18:41 -0500)
commit	6130c462328d89910be6dbea4bdc35baa7107104
tree	49c724bc305af6781d6abbbfcc40ae0ae39c0cef	tree
parent	49ef542e41526218fa28bf8762f95387a1cc4ccf	commit \| diff

hw/core: rebase sysbus_get_fw_dev_path() to g_strdup_printf()

This is done mainly for improving readability, and in preparation for the
next patch, but Markus pointed out another bonus for the string being
returned:

"No arbitrary length limit. Before the patch, it's 39 characters, and the
code breaks catastrophically when qdev_fw_name() is longer: the second
snprintf() is called with its first argument pointing beyond path[], and
its second argument underflowing to a huge size."

Cc: qemu-stable@nongnu.org
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
(cherry picked from commit 5ba03e2dd785362026917e4cc8a1fd2c64e8e62c)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>