gdbstub: fix off-by-one in gdb_handle_packet()

memtohex() adds an extra trailing NUL character.

Reported-by: AddressSanitizer
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 20180408145933.1149-1-f4bug@amsat.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This commit is contained in:
Philippe Mathieu-Daudé 2018-04-08 11:59:33 -03:00 committed by Peter Maydell
parent b2c1742da0
commit 9005774b27

View File

@ -507,6 +507,7 @@ static inline int tohex(int v)
return v - 10 + 'a'; return v - 10 + 'a';
} }
/* writes 2*len+1 bytes in buf */
static void memtohex(char *buf, const uint8_t *mem, int len) static void memtohex(char *buf, const uint8_t *mem, int len)
{ {
int i, c; int i, c;
@ -999,8 +1000,8 @@ static int gdb_handle_packet(GDBState *s, const char *line_buf)
const char *p; const char *p;
uint32_t thread; uint32_t thread;
int ch, reg_size, type, res; int ch, reg_size, type, res;
char buf[MAX_PACKET_LENGTH];
uint8_t mem_buf[MAX_PACKET_LENGTH]; uint8_t mem_buf[MAX_PACKET_LENGTH];
char buf[sizeof(mem_buf) + 1 /* trailing NUL */];
uint8_t *registers; uint8_t *registers;
target_ulong addr, len; target_ulong addr, len;