buffer overflow fix

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@932 c046a42c-6fe2-441c-8c8c-71466251a162

diff --git a/block.c b/block.c
index c126788..e71adda 100644 (file)
--- a/block.c
+++ b/block.c
@@ -92,7 +92,7 @@ int bdrv_open(BlockDriverState *bs, const char *filename, int snapshot)
     bs->fd = -1;
     bs->cow_fd = -1;
     bs->cow_bitmap = NULL;
-    strcpy(bs->filename, filename);
+    pstrcpy(bs->filename, sizeof(bs->filename), filename);
 
     /* open standard HD image */
 #ifdef _WIN32

diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index 899e085..21261e2 100644 (file)
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -1067,7 +1067,7 @@ static int load_elf_binary(struct linux_binprm * bprm, struct target_pt_regs * r
        char * passed_p;
 
        if (interpreter_type == INTERPRETER_AOUT) {
-           sprintf(passed_fileno, "%d", bprm->fd);
+           snprintf(passed_fileno, sizeof(passed_fileno), "%d", bprm->fd);
            passed_p = passed_fileno;
 
            if (elf_interpreter) {

diff --git a/target-i386/helper2.c b/target-i386/helper2.c
index e0d917a..1d5bdc1 100644 (file)
--- a/target-i386/helper2.c
+++ b/target-i386/helper2.c
@@ -212,7 +212,7 @@ void cpu_x86_dump_state(CPUX86State *env, FILE *f, int flags)
     
     if (flags & X86_DUMP_CCOP) {
         if ((unsigned)env->cc_op < CC_OP_NB)
-            strcpy(cc_op_name, cc_op_str[env->cc_op]);
+            snprintf(cc_op_name, sizeof(cc_op_name), "%s", cc_op_str[env->cc_op]);
         else
             snprintf(cc_op_name, sizeof(cc_op_name), "[%d]", env->cc_op);
         fprintf(f, "CCS=%08x CCD=%08x CCO=%-8s\n",