Peter Maydell 9b1268f55c semihosting: Fix handling of buffer in TARGET_SYS_TMPNAM ...

The TARGET_SYS_TMPNAM implementation has two bugs spotted by
Coverity:
 * confusion about whether 'len' has the length of the string
   including or excluding the terminating NUL means we
   lock_user() len bytes of memory but memcpy() len + 1 bytes
 * In the error-exit cases we forget to free() the buffer
   that asprintf() returned to us

Resolves: Coverity CID 1490285, 1490289
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220719121110.225657-5-peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220725140520.515340-10-alex.bennee@linaro.org>

2022-07-29 09:48:01 +01:00

..

arm-compat-semi.c

semihosting: Fix handling of buffer in TARGET_SYS_TMPNAM

2022-07-29 09:48:01 +01:00

config.c

semihosting: Cleanup chardev init

2022-06-28 04:35:52 +05:30

console.c

semihosting: Don't return negative values on qemu_semihosting_console_write() failure

2022-07-29 09:48:01 +01:00

guestfd.c

semihosting: Create qemu_semihosting_guestfd_init

2022-06-28 04:36:50 +05:30

Kconfig

…

meson.build

semihosting: Split out semihost_sys_open

2022-06-28 04:35:39 +05:30

syscalls.c

semihosting: Don't copy buffer after console_write()

2022-07-29 09:48:01 +01:00

uaccess.c

semihosting: Simplify softmmu_lock_user_string

2022-06-28 04:35:06 +05:30