bhyve: Accept a variable-length string name for qemu_fwcfg_add_file.

It is illegal (UB?) to pass a shorter array to a function argument that takes a fixed-length array. Do a runtime check for names that are too long via strlen() instead. Reviewed by: markj Reported by: GCC -Wstringop-overread Differential Revision: https://reviews.freebsd.org/D39211
2023-03-22 12:34:34 -07:00 · 2023-03-22 12:34:34 -07:00 · 61482760a0
commit 61482760a0
parent 48c519be0e
2 changed files with 5 additions and 3 deletions
--- a/usr.sbin/bhyve/qemu_fwcfg.c
+++ b/usr.sbin/bhyve/qemu_fwcfg.c
@ -261,9 +261,11 @@ qemu_fwcfg_register_port(const char *const name, const int port, const int size,
 }

 int
-qemu_fwcfg_add_file(const uint8_t name[QEMU_FWCFG_MAX_NAME],
-    const uint32_t size, void *const data)
+qemu_fwcfg_add_file(const char *name, const uint32_t size, void *const data)
 {
+	if (strlen(name) >= QEMU_FWCFG_MAX_NAME)
+		return (EINVAL);
+
 	/*
 	 * QEMU specifies count as big endian.
 	 * Convert it to host endian to work with it.
--- a/usr.sbin/bhyve/qemu_fwcfg.h
+++ b/usr.sbin/bhyve/qemu_fwcfg.h
@ -18,6 +18,6 @@ struct qemu_fwcfg_item {
 	uint8_t *data;
 };

-int qemu_fwcfg_add_file(const uint8_t name[QEMU_FWCFG_MAX_NAME],
+int qemu_fwcfg_add_file(const char *name,
    const uint32_t size, void *const data);
 int qemu_fwcfg_init(struct vmctx *const ctx);