mirror of
https://git.kernel.org/pub/scm/network/wireless/iwd.git
synced 2024-11-25 17:59:25 +01:00
test-runner: Fix buffer overflow
The argv buffer allocated by alloca is only large enough to hold the original argument list. Additional arguments (such as --kernel) are appended at the end, which results in the stack corruption. Make sure to allocate space for additional arguments.
This commit is contained in:
parent
f4becdff6a
commit
d53873a254
@ -284,7 +284,7 @@ static void start_qemu(void)
|
|||||||
initcmd, cwd, verbose_out, test_dir_list, testargs,
|
initcmd, cwd, verbose_out, test_dir_list, testargs,
|
||||||
getenv("PATH"));
|
getenv("PATH"));
|
||||||
|
|
||||||
argv = alloca(sizeof(qemu_argv));
|
argv = alloca(sizeof(qemu_argv) + sizeof(char *) * 5);
|
||||||
memcpy(argv, qemu_argv, sizeof(qemu_argv));
|
memcpy(argv, qemu_argv, sizeof(qemu_argv));
|
||||||
|
|
||||||
pos = (sizeof(qemu_argv) / sizeof(char *)) - 1;
|
pos = (sizeof(qemu_argv) / sizeof(char *)) - 1;
|
||||||
|
Loading…
Reference in New Issue
Block a user